Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 30 Jul 2019 13:37:15 +0200
From: Peter van Dijk <peter.van.dijk@...erdns.com>
To: oss-security@...ts.openwall.com
Subject: PowerDNS Security Advisory 2019-06: Denial of service via crafted
 zone records

Hello,

please find below the text of PowerDNS Security Advisory 2019-06.
Updated packages (that only contain a Postgres schema change) will be
released later. Just upgrading at that time will not fix the
vulnerability - applying the schema change is mandatory.

> PowerDNS Security Advisory 2019-06: Denial of service via crafted zone records
> ==============================================================================
> 
> -  CVE: CVE-2019-10203
> -  Date: July 30th, 2019
> -  Affects: PowerDNS Authoritative 4.0.0 and up, when using the gpgsql (PostgreSQL) backend
> -  Not affected: 4.2.0, 4.1.11, 4.0.9
> -  Severity: Low
> -  Impact: Denial of Service
> -  Exploit: This problem can be triggered via crafted records
> -  Risk of system compromise: No
> -  Solution: Update the database schema
> -  Workaround: run the process inside the guardian or inside a supervisor
> 
> An issue has been found in PowerDNS Authoritative Server allowing an
> authorized user to cause the server to exit by inserting a crafted record in a
> MASTER type zone under their control. The issue is due to the fact that the
> Authoritative Server will exit when it tries to store the notified serial in
> the PostgreSQL database, if this serial cannot be represented in 31 bits.
> 
> This issue has been assigned CVE-2019-10203.
> 
> PowerDNS Authoritative up to and including 4.1.10 is affected. Please note
> that at the time of writing, PowerDNS Authoritative 3.4 and below are no
> longer supported, as described in
> https://doc.powerdns.com/authoritative/appendices/EOL.html.
> 
> To fix the issue, run the following command against your PostgreSQL pdns
> database: `ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE
> WHEN notified_serial >= 0 THEN notified_serial::bigint END;`. No software
> changes are required.
> 
> We would like to thank Klaus Darilion for finding and subsequently reporting
> this issue!

Kind regards,
-- 
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

Download attachment "signature.asc" of type "application/pgp-signature" (915 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.