[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] PowerDNS Recursor Security Advisory 2024-02: if recursive forwarding is configured, c
From: Peter van Dijk <peter.van.dijk () powerdns ! com>
Date: 2024-04-24 10:37:56
Message-ID: 6fc5f0dc8f6d868e9dcf4fc2d3bc535ef8907c3c.camel () powerdns ! com
[Download RAW message or body]
Dear user,
Please find below a security advisory, relating to PowerDNS Recursor
4.8.7, 4.9.4 and 5.0.3 only.
When using recursive forwarding, a crafted response from an upstream
server can cause a Denial of Service in the Recursor.
=========================================================================
PowerDNS Security Advisory 2024-02: if recursive forwarding is
configured, crafted responses can lead to a denial of service in Recursor
CVE: CVE-2024-25583
Date: 24th of April 2024.
Affects: PowerDNS Recursor 4.8.7, 4.9.4 and 5.0.3, earlier versions
are not affected
Not affected: PowerDNS Recursor 4.8.8, 4.9.5 and 5.0.4
Severity: High (only when using recursive forwarding)
Impact: Denial of service
Exploit: This problem can be triggered by an attacker publishing a crafted zone
Risk of system compromise: None
Solution: Upgrade to patched version
When using recursive forwarding, a crafted response from an upstream
server can cause a Denial of Service in the Recursor. The default
configuration of the Recursor does not use recursive forwarding and is
not affected.
CVSS Score: 7.5, only for configurations using recursive forwarding, see
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H&version=3.1
The remedy is to update to a patched version.
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic