Allele Security Alert
Denial of service via crafted zone records
PowerDNS Authoritative Server
PowerDNS Authoritative Server up to and including 4.1.9
PowerDNS Authoritative Server versions 4.1.10 and 4.0.8
Proof of concept
An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify.
Gert van Dijk
PowerDNS Security Advisory 2019-04: Denial of service via crafted zone records
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: June 25, 2019