ArchLinux: 202005-10: powerdns-recursor: multiple issues

    Date 23 May 2020
    Posted By LinuxSecurity Advisories
    The package powerdns-recursor before version 4.2.2-1 is vulnerable to multiple issues including denial of service and insufficient validation.
    Arch Linux Security Advisory ASA-202005-10
    ==========================================
    
    Severity: Medium
    Date    : 2020-05-19
    CVE-ID  : CVE-2020-10995 CVE-2020-12244
    Package : powerdns-recursor
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-1163
    
    Summary
    =======
    
    The package powerdns-recursor before version 4.2.2-1 is vulnerable to
    multiple issues including denial of service and insufficient
    validation.
    
    Resolution
    ==========
    
    Upgrade to 4.2.2-1.
    
    # pacman -Syu "powerdns-recursor>=4.2.2-1"
    
    The problems have been fixed upstream in version 4.2.2.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2020-10995 (denial of service)
    
    An issue has been found in PowerDNS Recursor before 4.3.1 and 4.2.2. An
    issue in the DNS protocol has been found that allows malicious parties
    to use recursive DNS services to attack third-party authoritative name
    servers. The attack uses a crafted reply by an authoritative name
    server to amplify the resulting traffic between the recursive and other
    authoritative name servers. Both types of service can suffer degraded
    performance as an effect. The effect was already limited in PowerDNS
    Recursor because of existing mitigations, but additional mitigations
    specific to this attack have been added.
    
    - CVE-2020-12244 (insufficient validation)
    
    An issue has been found in PowerDNS Recursor before 4.3.1 and 4.2.2
    where records in the answer section of an NXDOMAIN response lacking an
    SOA were not properly validated in SyncRes::processAnswer. This would
    allow an attacker in a man-in-the-middle position to send an NXDOMAIN
    answer for a name that does exist, bypassing DNSSEC validation.
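    The two descriptions above each come down to a resolver-side sanity check on a reply it did not ask for: an NXDOMAIN must carry an SOA in its authority section before anything in its answer section is trusted (CVE-2020-12244), and a single referral must not be allowed to fan out into an unbounded number of nameserver lookups (the mechanism the nxnsattack.com reference describes, CVE-2020-10995). The block below is an added example written for this page, not PowerDNS code and not the upstream fix in SyncRes::processAnswer: a minimal DNS wire-format parser, the two checks as policy functions, and constructed sample messages to run them against. The cap of five glue-less nameservers is an assumed value for illustration, not PowerDNS's setting.

```python
"""Resolver-side checks for the two issues in ASA-202005-10 (added example,
not PowerDNS code). Sample messages are constructed inline; the glue-less
nameserver cap is an assumed value, not PowerDNS's."""
import struct

RCODE_NXDOMAIN = 3
TYPE_A, TYPE_NS, TYPE_CNAME, TYPE_SOA, TYPE_AAAA = 1, 2, 5, 6, 28


def read_name(msg, off):
    """Decode a (possibly compressed) domain name; return (name, next_offset)."""
    labels, end, jumped = [], None, False
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                 # compression pointer
            if not jumped:
                end = off + 2                     # resume after the pointer
            jumped = True
            off = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels) + ".", (end if jumped else off)


def parse_message(msg):
    """Return (rcode, answer, authority, additional); each RR is (name, type, rdata_offset)."""
    _id, flags, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
    off = 12
    for _ in range(qd):                           # skip the question section
        _qname, off = read_name(msg, off)
        off += 4                                  # QTYPE + QCLASS

    def read_rrs(count, off):
        rrs = []
        for _ in range(count):
            name, off = read_name(msg, off)
            rtype, _rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
            off += 10
            rrs.append((name, rtype, off))        # keep the rdata offset for NS targets
            off += rdlen
        return rrs, off

    answer, off = read_rrs(an, off)
    authority, off = read_rrs(ns, off)
    additional, _ = read_rrs(ar, off)
    return flags & 0x000F, answer, authority, additional


def nxdomain_has_soa(msg):
    """CVE-2020-12244 check: an NXDOMAIN is only acceptable when the authority
    section carries an SOA (RFC 2308); otherwise do not trust or cache anything
    in its answer section."""
    rcode, _answer, authority, _additional = parse_message(msg)
    if rcode != RCODE_NXDOMAIN:
        return True                               # not a negative answer
    return any(rtype == TYPE_SOA for _, rtype, _ in authority)


def referral_fanout_ok(msg, max_glueless=5):
    """CVE-2020-10995-style cap (assumed value): refuse a referral that would
    make the resolver chase more than max_glueless NS names lacking glue."""
    _rcode, _answer, authority, additional = parse_message(msg)
    glued = {name for name, rtype, _ in additional if rtype in (TYPE_A, TYPE_AAAA)}
    targets = {read_name(msg, rdoff)[0] for _, rtype, rdoff in authority if rtype == TYPE_NS}
    return len(targets - glued) <= max_glueless


# --- constructed sample messages (no compression, so offsets stay simple) ---
def _name(s):
    return b"".join(bytes([len(lb)]) + lb.encode("ascii") for lb in s.rstrip(".").split(".")) + b"\x00"


def _rr(name, rtype, rdata):
    return _name(name) + struct.pack("!HHIH", rtype, 1, 300, len(rdata)) + rdata


def _message(rcode, question, answer, authority, additional):
    flags = 0x8000 | 0x0080 | rcode               # QR, RA, RCODE
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, len(answer), len(authority), len(additional))
    return header + _name(question) + struct.pack("!HH", 1, 1) + b"".join(answer + authority + additional)


def build_nxdomain(with_soa):
    """NXDOMAIN for www.example. with a CNAME in the answer section and, optionally, the SOA."""
    soa = _name("ns1.example.") + _name("hostmaster.example.") + struct.pack("!IIIII", 1, 3600, 900, 604800, 300)
    authority = [_rr("example.", TYPE_SOA, soa)] if with_soa else []
    return _message(RCODE_NXDOMAIN, "www.example.", [_rr("www.example.", TYPE_CNAME, _name("alias.example."))], authority, [])


def build_referral(n_ns, with_glue):
    """Referral for sub.example. listing n_ns nameservers, with or without A glue."""
    authority = [_rr("sub.example.", TYPE_NS, _name(f"ns{i}.sub.example.")) for i in range(n_ns)]
    additional = [_rr(f"ns{i}.sub.example.", TYPE_A, bytes([192, 0, 2, i % 256])) for i in range(n_ns)] if with_glue else []
    return _message(0, "www.sub.example.", [], authority, additional)
```

    Both checks run before any record from the reply reaches the cache: `nxdomain_has_soa` treats the missing SOA as "not validated" rather than as a valid negative answer, and `referral_fanout_ok` bounds the work a single crafted referral can create for the resolver and for the unrelated authoritative servers it would otherwise be sent to query.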
    
    Impact
    ======
    
    A remote attacker can use the recursor as an amplification vector to
    cause a denial of service via a crafted reply. In addition, a remote
    attacker in a man-in-the-middle position can bypass DNSSEC validation
    via a crafted reply.
    
    References
    ==========
    
    https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-01.html
    https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-02.html
    https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-03.html
    https://github.com/PowerDNS/pdns/commit/86f95f85295696c0b264455472b8e270fccb6542
    https://www.nxnsattack.com/
    https://github.com/PowerDNS/pdns/commit/4bba0ec04aacbec08fe585ad790e2e8e0cb7b04a
    https://security.archlinux.org/CVE-2020-10995
    https://security.archlinux.org/CVE-2020-12244
    
