vulnerability
FreeBSD: VID-6001cfc6-9f0f-4fae-9b4f-9b8fae001425 (CVE-2019-3871): PowerDNS -- Insufficient validation in the HTTP remote backend
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:P/I:P/A:P) | Mar 19, 2019 | Mar 20, 2019 | Dec 10, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Mar 19, 2019
Added
Mar 20, 2019
Modified
Dec 10, 2025
Description
PowerDNS developers report: An issue has been found in PowerDNS Authoritative Server when the HTTP remote backend is used in RESTful mode (without post=1 set), allowing a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured one, via a crafted DNS query. This can be used to cause a denial of service by preventing the remote backend from getting a response, content spoofing if the attacker can time its own query so that subsequent queries will use an attacker-controlled HTTP server instead of the configured one, and possibly information disclosure if the Authoritative Server has access to internal servers.
Solution
freebsd-upgrade-package-powerdns
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.