Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

ASA-202107-73 - log back

ASA-202107-73 edited at 30 Jul 2021 22:31:44

Workaround

-	Users that cannot upgrade immediately, but do have dnsdist in place, can use dnsdist to filter such queries before they do harm, with something like addAction(QTypeRule(65535), RCodeAction(DNSRCode.REFUSED)).
+	Users that cannot upgrade immediately, but do have dnsdist in place,
+	can use dnsdist to filter such queries before they do harm, with
+	something like addAction(QTypeRule(65535),
+	RCodeAction(DNSRCode.REFUSED)).

ASA-202107-73 edited at 27 Jul 2021 10:32:54

Workaround

+	Users that cannot upgrade immediately, but do have dnsdist in place, can use dnsdist to filter such queries before they do harm, with something like addAction(QTypeRule(65535), RCodeAction(DNSRCode.REFUSED)).

Impact

+	A remote attacker could crash the DNS server with a crafted query.

ASA-202107-73 created at 27 Jul 2021 10:30:24