DoS vulnerability in PowerDNS
PowerDNS, a DNS server used in settings such as the Wikipedia project, has been found to contain two bugs that attackers could use to cause a denial of service, or potentially even to inject malicious code. PowerDNS is a powerful DNS server that can use various backends and data sources, such as BIND or a MySQL server, for name resolution, and can cache the results in memory so that repeated queries are answered more quickly.
An invalid calculation of the length of DNS queries received via TCP can lead PowerDNS to attempt to read up to 4 gigabytes of data into a 64 kb buffer. This could also potentially allow attackers to compromise a system. The DNS server can also be sent into an infinite loop by a CNAME loop, provided no second CNAME entry exists.
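The following added example (not PowerDNS code, and not taken from the advisory) shows how an unchecked unsigned subtraction in a length-prefixed TCP reader can produce a read size near 4 gigabytes, next to a checked version that rejects the inconsistent state. The struct layout and the function names are hypothetical; the page does not show the actual faulty calculation.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DNS_TCP_MAX 65535u  /* largest size a 2-byte length prefix can announce */
#define DNS_HDR_LEN 12u     /* fixed DNS header size */

/* Hypothetical per-connection state for one length-prefixed DNS message. */
struct tcp_query {
    uint16_t announced;             /* value of the 2-byte length prefix */
    uint32_t received;              /* payload bytes already stored in buf */
    unsigned char buf[DNS_TCP_MAX];
};

/* Unchecked: if received exceeds announced, the unsigned subtraction
 * wraps around and the "remaining" size approaches 4 GiB. */
static uint32_t remaining_unchecked(const struct tcp_query *q)
{
    return (uint32_t)q->announced - q->received;
}

/* Checked: returns 0 and a read size that fits in buf, or -1 when the
 * state is inconsistent and the connection should be closed. */
static int remaining_checked(const struct tcp_query *q, size_t *out)
{
    if (q->announced < DNS_HDR_LEN)
        return -1;                  /* shorter than a DNS header */
    if (q->received > q->announced)
        return -1;                  /* subtraction would wrap */
    size_t want = (size_t)q->announced - q->received;
    if (want > sizeof q->buf - q->received)
        return -1;                  /* would run past the end of buf */
    *out = want;
    return 0;
}

int main(void)
{
    static struct tcp_query q;      /* constructed sample state, zeroed */
    size_t n = 0;
    q.announced = 0;                /* zero-length prefix */
    q.received = 1;                 /* counter already past it */
    printf("unchecked: %u bytes\n", (unsigned)remaining_unchecked(&q));
    printf("checked:   %d\n", remaining_checked(&q, &n));
    q.announced = 40;
    q.received = 10;
    if (remaining_checked(&q, &n) == 0)
        printf("checked:   read %zu more bytes\n", n);
    return 0;
}
```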
The bugs affect PowerDNS 3.1.3 and prior versions. The PowerDNS developers have made the source code for version 3.1.4 available; administrators of affected systems should install the update.
- Malformed TCP queries can lead to a buffer overflow which might be exploitable, security advisory from PowerDNS developers
- Zero second CNAME TTLs can make PowerDNS exhaust allocated stack space, and crash, bug advisory from PowerDNS developers
(ehe)