5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.011 Low
EPSS
Percentile
84.6%
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not
sufficiently defend against amplification attacks. An issue in the DNS
protocol has been found that allow malicious parties to use recursive DNS
services to attack third party authoritative name servers. The attack uses
a crafted reply by an authoritative name server to amplify the resulting
traffic between the recursive and other authoritative name servers. Both
types of service can suffer degraded performance as an effect. This is
triggered by random subdomains in the NSDNAME in NS records. PowerDNS
Recursor 4.1.16, 4.2.2 and 4.3.1 contain a mitigation to limit the impact
of this DNS protocol issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | pdns-recursor | < any | UNKNOWN |
ubuntu | 20.04 | noarch | pdns-recursor | < any | UNKNOWN |
ubuntu | 16.04 | noarch | pdns-recursor | < any | UNKNOWN |
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.011 Low
EPSS
Percentile
84.6%