CVE-2020-12244 - log back

CVE-2020-12244 edited at 19 May 2020 10:45:47
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Insufficient validation
Description
+ An issue has been found in PowerDNS Recursor before 4.3.1 and 4.2.2 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer. This would allow an attacker in position of man-in-the-middle to send a NXDOMAIN answer for a name that does exist, bypassing DNSSEC validation.
References
+ https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-02.html
+ https://github.com/PowerDNS/pdns/commit/4bba0ec04aacbec08fe585ad790e2e8e0cb7b04a
CVE-2020-12244 created at 19 May 2020 10:44:46
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes