<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>10. PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited</title><link rel="stylesheet" href="docbook.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.75.2" /><link rel="home" href="index.html" title="PowerDNS manual" /><link rel="up" href="powerdns.html" title="Chapter 1. The PowerDNS dynamic nameserver" /><link rel="prev" href="powerdns-advisory-2008-03.html" title="9. PowerDNS Security Advisory 2008-02: Some PowerDNS Configurations can be forced to restart remotely" /><link rel="next" href="powerdns-advisory-2010-02.html" title="11. PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data" /></head><body><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">10. PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="powerdns-advisory-2008-03.html">Prev</a> </td><th width="60%" align="center">Chapter 1. The PowerDNS dynamic nameserver</th><td width="20%" align="right"> <a accesskey="n" href="powerdns-advisory-2010-02.html">Next</a></td></tr></table><hr /></div><div class="sect1" title="10. PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="powerdns-advisory-2010-01"></a>10. PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited</h2></div></div></div><p>
</p><div class="table"><a id="idp7685120"></a><p class="title"><b>Table 1.6. PowerDNS Security Advisory</b></p><div class="table-contents"><table summary="PowerDNS Security Advisory" border="1"><colgroup><col /><col /></colgroup><tbody><tr><td>
CVE
</td><td>
CVE-2009-4009
</td></tr><tr><td>
Date
</td><td>
6th of January 2010
</td></tr><tr><td>
Affects
</td><td>
PowerDNS Recursor 3.1.7.1 and earlier
</td></tr><tr><td>
Not affected
</td><td>
No versions of the PowerDNS Authoritative ('pdns_server') are affected.
</td></tr><tr><td>
Severity
</td><td>
Critical
</td></tr><tr><td>
Impact
</td><td>
Denial of Service, possible full system compromise
</td></tr><tr><td>
Exploit
</td><td>
Withheld
</td></tr><tr><td>
Solution
</td><td>
Upgrade to PowerDNS Recursor 3.1.7.2 or higher
</td></tr><tr><td>
Workaround
</td><td>
None. The risk of exploitation or denial of service can be decreased slightly by using the 'allow-from' setting to only provide service to known users. The risk of a full system
compromise can be reduced by running with a suitable reduced privilege user and group settings, and possibly chroot environment.
</td></tr></tbody></table></div></div><p><br class="table-break" />
</p><p>
Using specially crafted packets, it is possible to force a buffer overflow in the PowerDNS Recursor, leading to a crash.
</p><p>
This vulnerability was discovered by a third party that (for now) prefers not to be named. PowerDNS is very grateful however for their help in
improving PowerDNS security.
</p></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="powerdns-advisory-2008-03.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="powerdns.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="powerdns-advisory-2010-02.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">9. PowerDNS Security Advisory 2008-02: Some PowerDNS Configurations can be forced to restart remotely </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> 11. PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data</td></tr></table></div></body></html>
