GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Thu Dec 24, 2020 6:26 am Post subject: [ GLSA 202012-19 ] PowerDNS Recursor |
|
|
Gentoo Linux Security Advisory
Title: PowerDNS Recursor: Denial of service (GLSA 202012-19)
Severity: low
Exploitable: remote
Date: 2020-12-23
Bug(s): #746923
ID: 202012-19
Synopsis
A vulnerability in PowerDNS Recursor could lead to a Denial of
Service condition.
Background
PowerDNS Recursor is a high-end, high-performance resolving name server.
Affected Packages
Package: net-dns/pdns-recursor
Vulnerable: < 4.3.5
Unaffected: >= 4.3.5
Architectures: All supported architectures
Description
It was discovered that it was possible to update the DNSSEC validation
state to a bogus state for a cached record via DNS ANY query.
Impact
A remote attacker could send specially crafted DNS queries to deny
DNSSEC validation.
Workaround
There is no known workaround at this time.
Resolution
All PowerDNS Recursor users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/pdns-recursor-4.3.5"
|
References
CVE-2020-25829
PowerDNS Security Advisory 2020-07
|
|