[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] PowerDNS Security Advisory 2019-06: Denial of service via crafted zone records
From: Peter van Dijk <peter.van.dijk () powerdns ! com>
Date: 2019-07-30 11:37:15
Message-ID: cdfea5779d02a81804aba92e092d8207f395c8d6.camel () powerdns ! com
[Download RAW message or body]
Hello,
please find below the text of PowerDNS Security Advisory 2019-06.
Updated packages (that only contain a Postgres schema change) will be
released later. Just upgrading at that time will not fix the
vulnerability - applying the schema change is mandatory.
> PowerDNS Security Advisory 2019-06: Denial of service via crafted zone records
> ==============================================================================
>
> - CVE: CVE-2019-10203
> - Date: July 30th, 2019
> - Affects: PowerDNS Authoritative 4.0.0 and up, when using the gpgsql (PostgreSQL) backend
> - Not affected: 4.2.0, 4.1.11, 4.0.9
> - Severity: Low
> - Impact: Denial of Service
> - Exploit: This problem can be triggered via crafted records
> - Risk of system compromise: No
> - Solution: Update the database schema
> - Workaround: run the process inside the guardian or inside a supervisor
>
> An issue has been found in PowerDNS Authoritative Server allowing an
> authorized user to cause the server to exit by inserting a crafted record in a
> MASTER type zone under their control. The issue is due to the fact that the
> Authoritative Server will exit when it tries to store the notified serial in
> the PostgreSQL database, if this serial cannot be represented in 31 bits.
>
> This issue has been assigned CVE-2019-10203.
>
> PowerDNS Authoritative up to and including 4.1.10 is affected. Please note
> that at the time of writing, PowerDNS Authoritative 3.4 and below are no
> longer supported, as described in
> https://doc.powerdns.com/authoritative/appendices/EOL.html.
>
> To fix the issue, run the following command against your PostgreSQL pdns
> database: `ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE
> WHEN notified_serial >= 0 THEN notified_serial::bigint END;`. No software
> changes are required.
>
> We would like to thank Klaus Darilion for finding and subsequently reporting
> this issue!
Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic