ASA-2019-00478 – PowerDNS Authoritative Server: Denial of service via crafted zone records


Allele Security Alert

ASA-2019-00478

Identifier(s)

ASA-2019-00478, CVE-2019-10203

Title

Denial of service via crafted zone records

Vendor(s)

PowerDNS

Product(s)

PowerDNS Authoritative Server

Affected version(s)

PowerDNS Authoritative Server up to and including 4.1.10 is affected when using the gpgsql (PostgreSQL) backend

Fixed version(s)

To fix the issue, run* the following command against your PostgreSQL pdns database:

`ALTER TABLE domains ALTER notified_serial TYPE bigint USING CASE WHEN notified_serial >= 0 THEN notified_serial::bigint END;`

No software changes are required.

Updated packages (that only contain a Postgres schema change) will be released later.

Proof of concept

Unknown

Description

An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it tries to store the notified serial in the PostgreSQL database, if this serial cannot be represented in 31 bits.

Technical details

Unknown

Credits

Klaus Darilion

Reference(s)

PowerDNS Security Advisory 2019-06: Denial of service via crafted zone records
https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-06.html

PowerDNS Security Advisory 2019-06: Denial of service via crafted zone records
https://www.openwall.com/lists/oss-security/2019/07/30/2

CVE-2019-10203
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10203

CVE-2019-10203
https://nvd.nist.gov/vuln/detail/CVE-2019-10203

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: August 5, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.