SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Your Ad Here
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Generic)  >  PowerDNS Vendors:  powerdns.com
PowerDNS Input Validation Flaw in LDAP Backend and Error In Processing Restricted Recursion Requests Let Remote Users Deny Service
SecurityTracker Alert ID:  1014504
SecurityTracker URL:  http://securitytracker.com/id?1014504
CVE Reference:  CVE-2005-2301 ,  CVE-2005-2302   (Links to External Site)
Updated:  Jul 6 2008
Original Entry Date:  Jul 17 2005
Impact:  Denial of service via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): prior to 2.9.18
Description:  Two vulnerabilities were reported in PowerDNS. A remote user can cause denial of service conditions.

The LDAP backend does not properly validate certain user-supplied queries. A remote user may be able to cause the backend to fail and stop answering subsequent queries.

A remote user submitting queries from an IP address that is restricted from recursion may be able to cause responses to other clients that are permitted to access recursion services to be "blanked out."

Bert Hubert reported this vulnerability.
Impact:  A remote user can cause denial of service conditions.
Solution:  The vendor has issued a fixed version (2.9.18), available at:

http://www.powerdns.com/downloads/
Vendor URL:  www.powerdns.com/ (Links to External Site)
Cause:  Input validation error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)
Reported By:  bert.hubert@netherlabs.nl
Message History:   None.

 Source Message Contents
Date:  16 Jul 2005 11:54:37 -0000
From:  bert.hubert@netherlabs.nl
Subject:  PowerDNS 2.9.18 fixes two security issues affecting users of LDAP

 

PowerDNS 2.9.18 fixes two bugs with security implications, which only apply to installations running 
on the LDAP backend, or installations
 providing recursion to a limited range of IP addresses. If any of these apply to you, an upgrade is 
highly advised.

Version 2.9.18 release notes are on: http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18
Version 2.9.18 is available on:
http://www.powerdns.com/downloads/
Wiki, source, bugtracker: http://wiki.powerdns.com/
Security page: http://doc.powerdns.com/security-policy.html

Details:
    * The LDAP backend did not properly escape all queries, allowing it to fail and not answer questi
ons. We have not investigated
 further risks involved, but we advise LDAP users to update as quickly as possible (Norbert Sendetzky
, Jan de Groot)

    * Questions from clients denied recursion could blank out answers to clients who are allowed recu
rsion services, temporarily.
 Reported by Wilco Baan. This would've made it possible for outsiders to blank out a domain temporari
ly to your users. Luckily PowerDNS
 would send out SERVFAIL or Refused, and not a denial of a domain's existence. 

Thanks for your attention.

Bert Hubert
http://www.netherlabs.nl
http://www.powerdns.com
http://ds9a.nl/


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC