Paul A. Rombouts PDNSD DNS Query Denial Of Service Vulnerability
BID:17694
Info
| Bugtraq ID: | 17694 |
| Class: | Design Error |
| CVE: | CVE-2006-2076 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 25 2006 12:00AM |
| Updated: | May 10 2006 11:04PM |
| Credit: | This issue was discovered by the PROTOS DNS Test Suite, which was developed by the Oulu University Secure Programming Group (OUSPG). |
| Vulnerable: | pdnsd pdnsd 1.2.3 -par; pdnsd pdnsd 1.2.2 -par; pdnsd pdnsd 1.2.1 -par; pdnsd pdnsd 1.1.11 -par; pdnsd pdnsd 1.1.10 -par; pdnsd pdnsd 1.1.8 b1-par8; pdnsd pdnsd 1.1.8 b1-par6; pdnsd pdnsd 1.1.8 b1-par5; pdnsd pdnsd 1.1.7 a; pdnsd pdnsd 1.1.6; pdnsd pdnsd 1.1.5; pdnsd pdnsd 1.1.4; pdnsd pdnsd 1.1.3; pdnsd pdnsd 1.1.2; pdnsd pdnsd 1.1.1; pdnsd pdnsd 1.1; pdnsd pdnsd 1.0.15; pdnsd pdnsd 1.0.13 Gentoo Linux |
| Not Vulnerable: | pdnsd pdnsd 1.2.4 -par |
Discussion
The pdnsd DNS server is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the application to properly handle DNS queries.
An attacker can exploit this issue to consume excessive memory, and then to crash the affected service, effectively denying service to legitimate users.
The vendor has addressed this issue in version 1.2.4-par; earlier versions are reportedly vulnerable.
Exploit / POC
The PROTOS DNS Test Suite, which was developed by the Oulu University Secure Programming Group (OUSPG), may be used to trigger this issue.
Solution / Fix
Solution:
The vendor has released version 1.2.4-par to address this issue.
Please see the referenced vendor advisories for more information and fixes.
- pdnsd pdnsd 1.1.5: pdnsd pdnsd-1.2.4-par.tar.gz, http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
- pdnsd pdnsd 1.1.6: pdnsd pdnsd-1.2.4-par.tar.gz, http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
- pdnsd pdnsd 1.1.7 a: pdnsd pdnsd-1.2.4-par.tar.gz, http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
- pdnsd pdnsd 1.1.8 b1-par8: pdnsd pdnsd-1.2.4-par.tar.gz, http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
- pdnsd pdnsd 1.1.8 b1-par6: pdnsd pdnsd-1.2.4-par.tar.gz, http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
- pdnsd pdnsd 1.1.8 b1-par5: pdnsd pdnsd-1.2.4-par.tar.gz, http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
- pdnsd pdnsd 1.2.1 -par: pdnsd pdnsd-1.2.4-par.tar.gz, http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
- pdnsd pdnsd 1.2.2 -par: pdnsd pdnsd-1.2.4-par.tar.gz, http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
- pdnsd pdnsd 1.2.3 -par: pdnsd pdnsd-1.2.4-par.tar.gz, http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
References
References:
- NISCC Vulnerability Advisory 144154/NISCC/DNS (NISCC)
- NISCC Vulnerability Advisory 144154/NISCC/DNS - Vulnerability Issues in Implemen (NISCC)
- pdnsd Home Page (Paul A. Rombouts)