[ASA-201901-13] powerdns-recursor: multiple issues

Morten Linderud foxboron at archlinux.org
Sun Jan 27 10:52:32 UTC 2019


Arch Linux Security Advisory ASA-201901-13
==========================================

Severity: Medium
Date    : 2019-01-24
CVE-ID  : CVE-2019-3806 CVE-2019-3807
Package : powerdns-recursor
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-856

Summary
=======

The package powerdns-recursor before version 4.1.9-1 is vulnerable to
multiple issues including insufficient validation and access
restriction bypass.

Resolution
==========

Upgrade to 4.1.9-1.

# pacman -Syu "powerdns-recursor>=4.1.9-1"

The problems have been fixed upstream in version 4.1.9.

Workaround
==========

None.

Description
===========

- CVE-2019-3806 (access restriction bypass)

An issue has been found in PowerDNS Recursor before 4.1.9 where Lua
hooks are not properly applied to queries received over TCP in some
specific combinations of settings, possibly bypassing security policies
enforced using Lua.

- CVE-2019-3807 (insufficient validation)

An issue has been found in PowerDNS Recursor before 4.1.9 where records
in the answer section of responses received from authoritative servers
with the AA flag not set were not properly validated, allowing an
attacker to bypass DNSSEC validation.
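
For readers who want to see where the AA flag and the answer section sit
in a DNS message, the following added example (not part of the advisory
and not PowerDNS code) decodes a response and reports whether it carries
answer-section records without AA, the response shape CVE-2019-3807
concerns. The helper names and the sample messages are constructed for
illustration; ordinary responses can have this shape too, so it shows the
condition rather than detecting abuse.

```python
import struct

QR_MASK = 0x8000  # flags bit: message is a response
AA_MASK = 0x0400  # flags bit: authoritative answer (RFC 1035, section 4.1.1)

def skip_name(msg, off):
    """Return the offset just past the domain name that starts at off."""
    while off < len(msg):
        length = msg[off]
        if length == 0:
            return off + 1
        if (length & 0xC0) == 0xC0:   # compression pointer: two bytes, ends the name
            return off + 2
        if length & 0xC0:
            raise ValueError("unsupported label type")
        off += 1 + length
    raise ValueError("truncated name")

def summarize(msg):
    """Decode the header flags and the record types in the answer section."""
    if len(msg) < 12:
        raise ValueError("short header")
    _id, flags, qdcount, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    types = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated record")
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10 + rdlen
        types.append(rtype)
    response, aa = bool(flags & QR_MASK), bool(flags & AA_MASK)
    return {"response": response, "aa": aa, "answer_types": types,
            "answers_without_aa": response and not aa and bool(types)}

def build_sample(aa):
    """Constructed response: one question and one A record for example.com."""
    header = struct.pack("!6H", 0x1234, QR_MASK | (AA_MASK if aa else 0), 1, 1, 0, 0)
    question = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
    return header + question + answer

if __name__ == "__main__":
    for aa in (True, False):
        print(aa, summarize(build_sample(aa)))
```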

Impact
======

A remote attacker can bypass access restrictions by sending a query
over TCP, or bypass DNSSEC validation for records in responses where
the AA flag was not set.

References
==========

https://blog.powerdns.com/2019/01/21/powerdns-recursor-4-1-9-released/
https://security.archlinux.org/CVE-2019-3806
https://security.archlinux.org/CVE-2019-3807