'[oss-security] PowerDNS Security Advisory 2019-06: Denial of service via crafted zone records'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] PowerDNS Security Advisory 2019-06: Denial of service via crafted zone records
From:       Peter van Dijk <peter.van.dijk () powerdns ! com>
Date:       2019-07-30 11:37:15
Message-ID: cdfea5779d02a81804aba92e092d8207f395c8d6.camel () powerdns ! com
[Download RAW message or body]


Hello,

please find below the text of PowerDNS Security Advisory 2019-06.
Updated packages (that only contain a Postgres schema change) will be
released later. Just upgrading at that time will not fix the
vulnerability - applying the schema change is mandatory.

> PowerDNS Security Advisory 2019-06: Denial of service via crafted zone records
> ==============================================================================
> 
> -  CVE: CVE-2019-10203
> -  Date: July 30th, 2019
> -  Affects: PowerDNS Authoritative 4.0.0 and up, when using the gpgsql (PostgreSQL) backend
> -  Not affected: 4.2.0, 4.1.11, 4.0.9
> -  Severity: Low
> -  Impact: Denial of Service
> -  Exploit: This problem can be triggered via crafted records
> -  Risk of system compromise: No
> -  Solution: Update the database schema
> -  Workaround: run the process inside the guardian or inside a supervisor
> 
> An issue has been found in PowerDNS Authoritative Server allowing an
> authorized user to cause the server to exit by inserting a crafted record in a
> MASTER type zone under their control. The issue is due to the fact that the
> Authoritative Server will exit when it tries to store the notified serial in
> the PostgreSQL database, if this serial cannot be represented in 31 bits.
> 
> This issue has been assigned CVE-2019-10203.
> 
> PowerDNS Authoritative up to and including 4.1.10 is affected. Please note
> that at the time of writing, PowerDNS Authoritative 3.4 and below are no
> longer supported, as described in
> https://doc.powerdns.com/authoritative/appendices/EOL.html.
> 
> To fix the issue, run the following command against your PostgreSQL pdns
> database: `ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE
> WHEN notified_serial >= 0 THEN notified_serial::bigint END;`. No software
> changes are required.
> 
> We would like to thank Klaus Darilion for finding and subsequently reporting
> this issue!

Kind regards,
-- 
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic