SB2014122205 - Gentoo update for PowerDNS Recursor

Security Bulletin ID SB2014122205

Severity

High

Patch available

YES

Number of vulnerabilities 4

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2009-4009)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.

2) Input validation error (CVE-ID: CVE-2009-4010)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.

3) Input validation error (CVE-ID: CVE-2012-1193)

The vulnerability allows a remote non-authenticated attacker to manipulate or delete data.

The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

4) Resource management error (CVE-ID: CVE-2014-8601)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.

Remediation

Install update from vendor's website.

References

https://security.gentoo.org/glsa/201412-33