ID

VAR-201202-0180


CVE

CVE-2012-1193


TITLE

PowerDNS vulnerability that allows continued name resolution for invalid domain names

Trust: 0.8

sources: JVNDB: JVNDB-2012-001509

DESCRIPTION

The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

PowerDNS Recursor is a high performance recursive name server. A vulnerability exists in the resolver in version 3.3 of PowerDNS Recursor (also known as pdns_recursor). The cache server name and TTL value in the NS record are overwritten during the processing of the query record response. Successfully exploiting these issues will allow an attacker to manipulate cache data, which may aid in further attacks.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201412-33
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: PowerDNS Recursor: Multiple vulnerabilities
     Date: December 22, 2014
     Bugs: #299942, #404377, #514946, #531992
       ID: 201412-33

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in PowerDNS Recursor, the worst of which may allow execution of arbitrary code.

Background
==========

PowerDNS Recursor is a high-end, high-performance resolving name server.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  net-dns/pdns-recursor      < 3.6.1-r1                 >= 3.6.1-r1

Description
===========

Multiple vulnerabilities have been discovered in PowerDNS Recursor. Please review the CVE identifiers and PowerDNS blog post referenced below for details.

Impact
======

A remote attacker may be able to send specially crafted packets, possibly resulting in arbitrary code execution or a Denial of Service condition. Furthermore, a remote attacker may be able to spoof DNS data.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All PowerDNS Recursor users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-dns/pdns-recursor-3.6.1-r1"

References
==========

[ 1 ] CVE-2009-4009
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4009
[ 2 ] CVE-2009-4010
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4010
[ 3 ] CVE-2012-1193
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1193
[ 4 ] CVE-2014-8601
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8601
[ 5 ] Related to recent DoS attacks: Recursor configuration file guidance
      http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-201412-33.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.52

sources: NVD: CVE-2012-1193 // JVNDB: JVNDB-2012-001509 // CNVD: CNVD-2012-9038 // BID: 59348 // PACKETSTORM: 129691

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2012-9038

AFFECTED PRODUCTS

vendor: powerdns, model: recursor, scope: eq, version: 3.3

Trust: 3.0

vendor: powerdns, model: recursive server, scope: eq, version: 3.3

Trust: 0.3

vendor: gentoo, model: linux, scope: -, version: -

Trust: 0.3

vendor: powerdns, model: recursive server, scope: ne, version: 3.5

Trust: 0.3

sources: CNVD: CNVD-2012-9038 // BID: 59348 // JVNDB: JVNDB-2012-001509 // CNNVD: CNNVD-201202-351 // NVD: CVE-2012-1193

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-1193
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-1193
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2012-9038
value: LOW

Trust: 0.6

CNNVD: CNNVD-201202-351
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2012-1193
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2012-9038
severity: LOW
baseScore: 0.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 0.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2012-9038 // JVNDB: JVNDB-2012-001509 // CNNVD: CNNVD-201202-351 // NVD: CVE-2012-1193

PROBLEMTYPE DATA

problemtype: NVD-CWE-Other

Trust: 1.0

problemtype: CWE-DesignError

Trust: 0.8

sources: JVNDB: JVNDB-2012-001509 // NVD: CVE-2012-1193

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-351

TYPE

Design Error

Trust: 0.9

sources: BID: 59348 // CNNVD: CNNVD-201202-351

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001509

PATCH

title: Top Page, url: http://www.powerdns.com

Trust: 0.8

sources: JVNDB: JVNDB-2012-001509

EXTERNAL IDS

db: NVD, id: CVE-2012-1193

Trust: 3.4

db: CERT/CC, id: VU#542123

Trust: 0.8

db: JVNDB, id: JVNDB-2012-001509

Trust: 0.8

db: CNVD, id: CNVD-2012-9038

Trust: 0.6

db: CNNVD, id: CNNVD-201202-351

Trust: 0.6

db: BID, id: 59348

Trust: 0.3

db: PACKETSTORM, id: 129691

Trust: 0.1

sources: CNVD: CNVD-2012-9038 // BID: 59348 // JVNDB: JVNDB-2012-001509 // PACKETSTORM: 129691 // CNNVD: CNNVD-201202-351 // NVD: CVE-2012-1193

REFERENCES

url:https://www.isc.org/files/imce/ghostdomain_camera.pdf

Trust: 1.6

url:http://lists.fedoraproject.org/pipermail/package-announce/2013-may/104177.html

Trust: 1.0

url:http://lists.fedoraproject.org/pipermail/package-announce/2013-april/102729.html

Trust: 1.0

url:http://lists.fedoraproject.org/pipermail/package-announce/2013-may/104173.html

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1193

Trust: 0.8

url:http://jprs.jp/tech/notice/2012-02-17-ghost-domain-names.html

Trust: 0.8

url:http://jvn.jp/cert/jvnvu542123

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1193

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/542123

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/search-results?query=cve-2012-1193

Trust: 0.6

url:http://www.powerdns.com/

Trust: 0.3

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4009

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2009-4010

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-1193

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-201412-33.xml

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1193

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2009-4009

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-8601

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recurso=

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4010

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-8601

Trust: 0.1

sources: CNVD: CNVD-2012-9038 // BID: 59348 // JVNDB: JVNDB-2012-001509 // PACKETSTORM: 129691 // CNNVD: CNNVD-201202-351 // NVD: CVE-2012-1193

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 59348

SOURCES

db: CNVD, id: CNVD-2012-9038
db: BID, id: 59348
db: JVNDB, id: JVNDB-2012-001509
db: PACKETSTORM, id: 129691
db: CNNVD, id: CNNVD-201202-351
db: NVD, id: CVE-2012-1193

LAST UPDATE DATE

2024-11-23T21:01:37.310000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2012-9038, date: 2012-02-20T00:00:00
db: BID, id: 59348, date: 2015-05-07T17:16:00
db: JVNDB, id: JVNDB-2012-001509, date: 2012-02-21T00:00:00
db: CNNVD, id: CNNVD-201202-351, date: 2012-02-20T00:00:00
db: NVD, id: CVE-2012-1193, date: 2024-11-21T01:36:38.280

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2012-9038, date: 2012-02-20T00:00:00
db: BID, id: 59348, date: 2013-02-27T00:00:00
db: JVNDB, id: JVNDB-2012-001509, date: 2012-02-21T00:00:00
db: PACKETSTORM, id: 129691, date: 2014-12-23T15:40:47
db: CNNVD, id: CNNVD-201202-351, date: 2012-02-20T00:00:00
db: NVD, id: CVE-2012-1193, date: 2012-02-17T22:55:00.747