Subject: [ASA-201903-13] powerdns: insufficient validation Arch Linux Security Advisory ASA-201903-13 ========================================== Severity: High Date : 2019-03-22 CVE-ID : CVE-2019-3871 Package : powerdns Type : insufficient validation Remote : Yes Link : https://security.archlinux.org/AVG-927 Summary ======= The package powerdns before version 4.1.7-1 is vulnerable to insufficient validation. Resolution ========== Upgrade to 4.1.7-1. # pacman -Syu "powerdns>=4.1.7-1" The problem has been fixed upstream in version 4.1.7. Workaround ========== None. Description =========== An issue has been found in PowerDNS Authoritative Server before 4.1.7, when the HTTP remote backend is used in RESTful mode (without post=1 set), allowing a remote user to cause the HTTP backend to connect to an attacker-specified host instead of the configured one, via a crafted DNS query. This can be used to cause a denial of service by preventing the remote backend from getting a response, content spoofing if the attacker can time its own query so that subsequent queries will use an attacker-controlled HTTP server instead of the configured one, and possibly information disclosure if the Authoritative Server has access to internal servers. Impact ====== A remote user can cause a denial of service by preventing the remote backend from getting a response, content spoofing if the attacker can time its own query so that subsequent queries will use an attacker- controlled HTTP server instead of the configured one, and possibly information disclosure if the Authoritative Server has access to internal servers. References ========== https://seclists.org/oss-sec/2019/q1/185 https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html https://github.com/PowerDNS/pdns/issues/7573 https://github.com/PowerDNS/pdns/pull/7577 https://security.archlinux.org/CVE-2019-3871