PowerDNS Malformed EDNS0 Packet Remote Denial of Service Vulnerability
BID:17711
Info
PowerDNS Malformed EDNS0 Packet Remote Denial of Service Vulnerability
| Bugtraq ID: | 17711 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2006-2069 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 26 2006 12:00AM |
| Updated: | May 15 2006 10:19PM |
| Credit: | The vendor credits David Gavarret with the discovery of this issue. |
| Vulnerable: |
S.u.S.E. Linux Professional 10.1 S.u.S.E. Linux Personal 10.1 PowerDNS PowerDNS 3.0 |
| Not Vulnerable: |
PowerDNS PowerDNS 3.0.1 |
Discussion
PowerDNS Malformed EDNS0 Packet Remote Denial of Service Vulnerability
A denial-of-service vulnerability affects PowerDNS. This issue is due to the application's failure to properly handle malformed DNS packets.
The vulnerability allows remote attackers from external networks to crash affected DNS servers, denying further service to legitimate users.
PowerDNS version 3.0 is affected by this issue.
A denial-of-service vulnerability affects PowerDNS. This issue is due to the application's failure to properly handle malformed DNS packets.
The vulnerability allows remote attackers from external networks to crash affected DNS servers, denying further service to legitimate users.
PowerDNS version 3.0 is affected by this issue.
Exploit / POC
PowerDNS Malformed EDNS0 Packet Remote Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
PowerDNS Malformed EDNS0 Packet Remote Denial of Service Vulnerability
Solution:
Version 3.0.1 of PowerDNS is available to address this issue.
Please see the references for vendor advisories and fixes.
PowerDNS PowerDNS 3.0
Solution:
Version 3.0.1 of PowerDNS is available to address this issue.
Please see the references for vendor advisories and fixes.
PowerDNS PowerDNS 3.0
-
PowerDNS pdns-recursor-3.0.1.tar.bz2
http://downloads.powerdns.com/releases/pdns-recursor-3.0.1.tar.bz2
References
PowerDNS Malformed EDNS0 Packet Remote Denial of Service Vulnerability
References:
References:
- Changeset 760 (PowerDNS)
- Changeset 761 (PowerDNS)
- PowerDNS Product Page (PowerDNS)
- PowerDNS Release Notes (PowerDNS)