[ASA-201903-13] powerdns: insufficient validation
Remi Gacogne
rgacogne at archlinux.org
Fri Mar 22 22:14:46 UTC 2019
Arch Linux Security Advisory ASA-201903-13
==========================================
Severity: High
Date : 2019-03-22
CVE-ID : CVE-2019-3871
Package : powerdns
Type : insufficient validation
Remote : Yes
Link : https://security.archlinux.org/AVG-927
Summary
=======
The package powerdns before version 4.1.7-1 is vulnerable to
insufficient validation.
Resolution
==========
Upgrade to 4.1.7-1.
# pacman -Syu "powerdns>=4.1.7-1"
The problem has been fixed upstream in version 4.1.7.
Workaround
==========
None.
Description
===========
An issue has been found in PowerDNS Authoritative Server before 4.1.7,
when the HTTP remote backend is used in RESTful mode (without post=1
set), allowing a remote user to cause the HTTP backend to connect to an
attacker-specified host instead of the configured one, via a crafted
DNS query. This can be used to cause a denial of service by preventing
the remote backend from getting a response, content spoofing if the
attacker can time its own query so that subsequent queries will use an
attacker-controlled HTTP server instead of the configured one, and
possibly information disclosure if the Authoritative Server has access
to internal servers.
Impact
======
A remote user can cause a denial of service by preventing the remote
backend from getting a response, content spoofing if the attacker can
time its own query so that subsequent queries will use an attacker-
controlled HTTP server instead of the configured one, and possibly
information disclosure if the Authoritative Server has access to
internal servers.
References
==========
https://seclists.org/oss-sec/2019/q1/185
https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html
https://github.com/PowerDNS/pdns/issues/7573
https://github.com/PowerDNS/pdns/pull/7577
https://security.archlinux.org/CVE-2019-3871
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20190322/b27ef161/attachment.sig>
More information about the arch-security
mailing list