PowerDNS < 2.9.18 Multiple Vulnerabilities

medium Nessus Plugin ID 87945

Synopsis

The remote name server is affected by multiple vulnerabilities.

Description

According to its self-reported version number, the version of the PowerDNS service listening on the remote host is prior to 2.9.18. It is, therefore, affected by multiple vulnerabilities :

- A flaw exists due to improper escaping of LDAP queries.
A remote attacker can exploit this to cause a denial of service condition or to conduct LDAP injection attacks.
(CVE-2005-2301)

- A denial of service vulnerability exists when allowing recursion to a restricted range of IP addresses due to improper handling of questions from clients that are denied a recursion. An attacker can exploit this to prevent answers to those clients that are allowed to use recursion. (CVE-2005-2302)

Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to PowerDNS version 2.9.18 or later.

See Also

https://doc.powerdns.com/md/changelog/#version-2918

Plugin Details

Severity: Medium

ID: 87945

File Name: powerdns_2_9_18.nasl

Version: 1.3

Type: remote

Family: DNS

Published: 1/15/2016

Updated: 7/25/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:powerdns:powerdns

Required KB Items: Settings/ParanoidReport, pdns/version, pdns/version_full, pdns/version_source

Exploit Ease: No known exploits are available

Patch Publication Date: 7/16/2005

Vulnerability Publication Date: 7/16/2005

Reference Information

CVE: CVE-2005-2301, CVE-2005-2302

BID: 14290, 14291