From 9f8aba5544db0522458604bf5d12cf2c71257771 Mon Sep 17 00:00:00 2001 From: Bert Hubert Date: Thu, 7 Jan 2010 11:55:11 +0000 Subject: [PATCH] the documentation updates including the security vulnerabilities git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1491 d19b8d6e-7fed-0310-83ef-9ca221ded41b --- pdns/docs/pdns.sgml | 220 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 219 insertions(+), 1 deletion(-) diff --git a/pdns/docs/pdns.sgml b/pdns/docs/pdns.sgml index c9b04a194..ee124c4fd 100644 --- a/pdns/docs/pdns.sgml +++ b/pdns/docs/pdns.sgml @@ -125,6 +125,35 @@ + Recursor version 3.1.7.2 + + + + Released on the 6th of January 2010. + + + + + This release consist of a number of vital security updates. These updates address issues + that can in all likelihood lead to a full system compromise. In addition, it is possible for + third parties to pollute your cache with dangerous data, exposing your users to possible harm. + + + This version has been well tested, and at the time of this release is already powering millions + of internet connections, and should therefore be a risk-free upgrade from 3.1.7.1 or any earlier + version of the PowerDNS Recursor. + + + All known versions of the PowerDNS Recursor are impacted to a greater or lesser extent, so an immediate update is advised. + + + These vulnerabilities were discovered by a third party that can't yet be named, + but who we thank for their contribution to a more secure PowerDNS Recursor. + + + For more information, see and . + + Recursor version 3.1.7.1 @@ -6416,10 +6445,15 @@ name IN A 1.2.3.4 - As of the 6th of August 2008, no actual security problems with PowerDNS 2.9.21.1, Recursor 3.1.5, or later are known about. This page + As of the 6th of January 2010, no actual security problems with PowerDNS 2.9.22, Recursor 3.1.7.2, or later are known about. This page will be updated with all bugs which are deemed to be security problems, or could conceivably lead to those. Any such notifications will also be sent to all PowerDNS mailinglists. + + Version 3.1.7.1 and earlier of the PowerDNS recursor were vulnerable to a probably exploitable buffer overflow and a spoofing attack. + For more detail, see and + . + Version 3.1.4 and earlier of the PowerDNS recursor were vulnerable to a spoofing attack. For more detail, see . @@ -6968,6 +7002,190 @@ name IN A 1.2.3.4 occurs on receiving a CH HINFO query. + + PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited + + + PowerDNS Security Advisory + + + + + CVE + + + CVE-2009-4009 + + + + + Date + + + 6th of January 2010 + + + + + Affects + + + PowerDNS Recursor 3.1.7.1 and earlier + + + + + Not affected + + + No versions of the PowerDNS Authoritative ('pdns_server') are affected. + + + + + Severity + + + Critical + + + + + Impact + + + Denial of Service, possible full system compromise + + + + + Exploit + + + Withheld + + + + + Solution + + + Upgrade to PowerDNS Recursor 3.1.7.2 or higher + + + + + Workaround + + + None. The risk of exploitation or denial of service can be decreased slightly by using the 'allow-from' setting to only provide service to known users. The risk of a full system + compromise can be reduced by running with a suitable reduced privilege user and group settings, and possibly chroot environment. + + + + +
+ + + Using specially crafted packets, it is possible to force a buffer overflow in the PowerDNS Recursor, leading to a crash. + + + This vulnerability was discovered by a third party that (for now) prefers not to be named. PowerDNS is very grateful however for their help in + improving PowerDNS security. + + + + PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data + + + PowerDNS Security Advisory + + + + + CVE + + + CVE-2009-4010 + + + + + Date + + + 6th of January 2010 + + + + + Affects + + + PowerDNS Recursor 3.1.7.1 and earlier + + + + + Not affected + + + No versions of the PowerDNS Authoritative ('pdns_server') are affected. + + + + + Severity + + + High + + + + + Impact + + + Using smart techniques, it is possible to fool the PowerDNS Recursor into accepting unauthorized data + + + + + Exploit + + + Withheld + + + + + Solution + + + Upgrade to PowerDNS Recursor 3.1.7.2 or higher + + + + + Workaround + + + None. + + + + +
+ + + Using specially crafted zones, it is possible to fool the PowerDNS Recursor into accepting bogus data. This data might be harmful to your users. + An attacker would be able to divert data from, say, bigbank.com to an IP address of his choosing. + + + This vulnerability was discovered by a third party that (for now) prefers not to be named. PowerDNS is very grateful however for their help in + improving PowerDNS security. + + Acknowledgements -- 2.49.0