Allele Security Alert
ASA-2018-00036
Identifier(s)
ASA-2018-00036, CVE-2018-14626
Title
Packet cache pollution via crafted query
Vendor(s)
PowerDNS
Product(s)
PowerDNS Authoritative
PowerDNS Recursor
Affected version(s)
PowerDNS Authoritative from 4.1.0 up to and including 4.1.4
PowerDNS Recursor from 4.0.0 up to and including 4.1.4
Fixed version(s)
PowerDNS Authoritative 4.1.5, 4.0.x
PowerDNS Recursor 4.1.5, 4.0.9
Proof of concept
Unknown
Description
An issue has been found in PowerDNS Authoritative Server allowing a remote user to craft a DNS query that will cause an answer without DNSSEC records to be inserted into the packet cache and be returned to clients asking for DNSSEC records, thus hiding the presence of DNSSEC signatures for a specific qname and qtype. For a DNSSEC-signed domain, this means that DNSSEC validating clients will consider the answer to be bogus until it expires from the packet cache, leading to a denial of service.
An issue has been found in PowerDNS Recursor allowing a remote user to craft a DNS query that will cause an answer without DNSSEC records to be inserted into the packet cache and be returned to clients asking for DNSSEC records, thus hiding the presence of DNSSEC signatures for a specific qname and qtype. For a DNSSEC-signed domain, this means that clients performing DNSSEC validation by themselves might consider the answer to be bogus until it expires from the packet cache, leading to a denial of service.
Reference(s)
PowerDNS Security Advisories 2018-03, 2018-04, 2018-05, 2018-06 and 2018-07
https://seclists.org/oss-sec/2018/q4/137
PowerDNS Security Advisory 2018-05: Packet cache pollution via crafted query
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-05.html
PowerDNS Security Advisory 2018-06: Packet cache pollution via crafted query
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-06.html
CVE-2018-14626-auth-4.1.4.patch
https://downloads.powerdns.com/patches/2018-05/CVE-2018-14626-auth-4.1.4.patch
CVE-2018-14626-rec-4.0.8.patch
https://downloads.powerdns.com/patches/2018-06/CVE-2018-14626-rec-4.0.8.patch
CVE-2018-14626-rec-4.1.4.patch
https://downloads.powerdns.com/patches/2018-06/CVE-2018-14626-rec-4.1.4.patch
CVE-2018-14626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14626
CVE-2018-14626
https://nvd.nist.gov/vuln/detail/CVE-2018-14626
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: November 8, 2018