[manjaro-security] [ASA-201805-1] powerdns: arbitrary code execution

Jelle van der Waa jelle at archlinux.org
Wed May 9 21:05:35 CEST 2018


Arch Linux Security Advisory ASA-201805-1
=========================================

Severity: High
Date    : 2018-05-09
CVE-ID  : CVE-2018-1046
Package : powerdns
Type    : arbitrary code execution
Remote  : No
Link    : https://security.archlinux.org/AVG-686

Summary
=======

The package powerdns before version 4.1.2-1 is vulnerable to arbitrary
code execution.

Resolution
==========

Upgrade to 4.1.2-1.

# pacman -Syu "powerdns>=4.1.2-1"

The problem has been fixed upstream in version 4.1.2.

Workaround
==========

None.

Description
===========

An issue has been found in the dnsreplay tool provided with PowerDNS
Authoritative, where replaying a specially crafted PCAP file can
trigger a stack based buffer overflow, leading to a crash and
potentially arbitrary code execution. This buffer overflow only occurs
when the --ecs-stamp option of dnsreplay is used. Regardless of this
issue, the use of dnsreplay with untrusted PCAP files is not advised.

Impact
======

A local attacker is be able to cause a denial of service or execute
arbitrary code via a specially crafted PCAP file.

References
==========

https://marc.info/?l=oss-security&m=152585376901543
https://github.com/PowerDNS/pdns/commit/f9c57c98da1b1007a51680629b667d57d9b702b8
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-02.html
https://security.archlinux.org/CVE-2018-1046
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20180509/ecf8eebd/attachment.sig>


More information about the manjaro-security mailing list