SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   PowerDNS Vendors:   powerdns.com
PowerDNS Input Validation Flaw in LDAP Backend and Error In Processing Restricted Recursion Requests Let Remote Users Deny Service
SecurityTracker Alert ID:  1014504
SecurityTracker URL:  http://securitytracker.com/id/1014504
CVE Reference:   CVE-2005-2301, CVE-2005-2302   (Links to External Site)
Updated:  Jul 6 2008
Original Entry Date:  Jul 17 2005
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 2.9.18
Description:   Two vulnerabilities were reported in PowerDNS. A remote user can cause denial of service conditions.

The LDAP backend does not properly validate certain user-supplied queries. A remote user may be able to cause the backend to fail and stop answering subsequent queries.

A remote user submitting queries from an IP address that is restricted from recursion may be able to cause responses to other clients that are permitted to access recursion services to be "blanked out."

Bert Hubert reported this vulnerability.

Impact:   A remote user can cause denial of service conditions.
Solution:   The vendor has issued a fixed version (2.9.18), available at:

http://www.powerdns.com/downloads/

Vendor URL:  www.powerdns.com/ (Links to External Site)
Cause:   Input validation error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  PowerDNS 2.9.18 fixes two security issues affecting users of LDAP


PowerDNS 2.9.18 fixes two bugs with security implications, which only apply to installations running on the LDAP backend, or installations
 providing recursion to a limited range of IP addresses. If any of these apply to you, an upgrade is highly advised.

Version 2.9.18 release notes are on: http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18
Version 2.9.18 is available on:
http://www.powerdns.com/downloads/
Wiki, source, bugtracker: http://wiki.powerdns.com/
Security page: http://doc.powerdns.com/security-policy.html

Details:
    * The LDAP backend did not properly escape all queries, allowing it to fail and not answer questions. We have not investigated
 further risks involved, but we advise LDAP users to update as quickly as possible (Norbert Sendetzky, Jan de Groot)

    * Questions from clients denied recursion could blank out answers to clients who are allowed recursion services, temporarily.
 Reported by Wilco Baan. This would've made it possible for outsiders to blank out a domain temporarily to your users. Luckily PowerDNS
 would send out SERVFAIL or Refused, and not a denial of a domain's existence. 

Thanks for your attention.

Bert Hubert
http://www.netherlabs.nl
http://www.powerdns.com
http://ds9a.nl/

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC