[arch-security] [ASA-201609-9] powerdns: denial of service
Remi Gacogne
rgacogne at archlinux.org
Tue Sep 13 20:42:28 UTC 2016
Arch Linux Security Advisory ASA-201609-9
=========================================
Severity: Medium
Date : 2016-09-13
CVE-ID : CVE-2016-5426 CVE-2016-5427
Package : powerdns
Type : denial of service
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
Summary
=======
The package powerdns before version 4.0.1-3 is vulnerable to denial of
service.
Resolution
==========
Upgrade to 4.0.1-3.
# pacman -Syu "powerdns>=4.0.1-3"
The problems have been fixed upstream in version 4.0.0.
Workaround
==========
Running dnsdist in front of potentially affected servers prevents
CVE-2016-5426, and can prevent CVE-2016-5427 with the use of custom
rules described in the PowerDNS advisory.
Description
===========
Two issues have been found in PowerDNS Authoritative Server allowing a
remote, unauthenticated attacker to cause an abnormal load on the
PowerDNS backend by sending crafted DNS queries, which might result in a
partial denial of service if the backend becomes overloaded. SQL
backends for example are particularly vulnerable to this kind of
unexpected load if they have not been dimensioned for it.
- CVE-2016-5426
PowerDNS Authoritative Server accepts queries with a qname's length
larger than 255 bytes.
- CVE-2016-5427
PowerDNS Authoritative Server does not properly handle dot inside labels.
Impact
======
A remote, unauthenticated attacker can cause an abnormal load on the
backend by sending crafted DNS queries, resulting in denial of service.
References
==========
http://seclists.org/oss-sec/2016/q3/464
https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/
https://access.redhat.com/security/cve/CVE-2016-5426
https://access.redhat.com/security/cve/CVE-2016-5427
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20160913/606869ed/attachment.asc>
More information about the arch-security
mailing list