Signature Detail

DNS: PowerDNS Recursive Out of Bounds Read Denial of Service

This signature detects attempts to exploit a known vulnerability against PowerDNS. The vulnerability is due to improper processing of crafted DNS queries, leading to out-of-bounds read. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted query to the target server. A successful attack could lead to PowerDNS abnormally terminating, leading to a denial-of-service condition.

Extended Description

An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.

Affected Products

• Powerdns recursor 3.0
• Powerdns recursor 3.0.1
• Powerdns recursor 3.1.1
• Powerdns recursor 3.1.2
• Powerdns recursor 3.1.3
• Powerdns recursor 3.1.4
• Powerdns recursor 3.1.5
• Powerdns recursor 3.1.6
• Powerdns recursor 3.1.7
• Powerdns recursor 3.1.7.1
• Powerdns recursor 3.1.7.2
• Powerdns recursor 3.2
• Powerdns recursor 3.3
• Powerdns recursor 3.3.1
• Powerdns recursor 3.5
• Powerdns recursor 3.5.1
• Powerdns recursor 3.5.2
• Powerdns recursor 3.5.3
• Powerdns recursor 3.6.0
• Powerdns recursor 3.6.1
• Powerdns recursor 3.6.2
• Powerdns recursor 3.6.3
• Powerdns recursor 3.6.4
• Powerdns recursor 3.7.0
• Powerdns recursor 3.7.1
• Powerdns recursor 3.7.2
• Powerdns recursor 3.7.3
• Powerdns recursor 3.7.4
• Powerdns recursor 4.0.0
• Powerdns recursor 4.0.1
• Powerdns recursor 4.0.2
• Powerdns recursor 4.0.3
• Powerdns recursor 4.0.4
• Powerdns recursor 4.0.5
• Powerdns recursor 4.0.6
• Powerdns recursor 4.0.7
• Powerdns recursor 4.0.8
• Powerdns recursor 4.1.0
• Powerdns recursor 4.1.1
• Powerdns recursor 4.1.2
• Powerdns recursor 4.1.3
• Powerdns recursor 4.1.4
• Powerdns recursor 4.1.5
• Powerdns recursor 4.1.6
• Powerdns recursor 4.1.7

References

• CVE: CVE-2018-16855