Table 1.2. PowerDNS Security Advisory
CVE | CVE-2006-4252 |
Date | 13th of November 2006 |
Affects | PowerDNS Recursor versions 3.1.3 and earlier, on all operating systems. |
Not affected | No versions of the PowerDNS Authoritative Server ('pdns_server') are affected. |
Severity | Moderate |
Impact | Denial of service |
Exploit | This problem can be triggered by sending queries for specifically configured domains. |
Solution | Upgrade to PowerDNS Recursor 3.1.4, or apply commit 919. |
Workaround | None known. Exposure can be limited by configuring the allow-from setting so only trusted users can query your nameserver. |
The PowerDNS Recursor would recurse endlessly on encountering a CNAME loop consisting entirely of CNAME records with a TTL of zero seconds, eventually exhausting its resources and crashing.
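The following added example shows one defensive way to follow CNAME chains so that a loop like the one described above ends in an error instead of unbounded recursion. It is not PowerDNS code and does not represent the fix in commit 919; the function and exception names, the hop limit of 10, and the sample records are assumptions constructed for illustration.

```python
# Added illustration, not PowerDNS source code. Names, data and the hop
# limit below are assumptions made for this sketch.
MAX_CNAME_HOPS = 10  # assumed cap on CNAME indirections per query


class CnameLoopError(Exception):
    """A name reappeared while following a CNAME chain."""


class CnameChainTooLong(Exception):
    """The chain exceeded the hop limit without reaching a final record."""


# Constructed sample records: owner name -> (type, TTL in seconds, value).
RECORDS = {
    "www.example.test.": ("CNAME", 300, "host.example.test."),
    "host.example.test.": ("A", 300, "192.0.2.10"),
    # A loop made only of zero-TTL CNAMEs, the shape the advisory describes.
    "a.loop.test.": ("CNAME", 0, "b.loop.test."),
    "b.loop.test.": ("CNAME", 0, "a.loop.test."),
}


def resolve(name, records=RECORDS, max_hops=MAX_CNAME_HOPS):
    """Follow CNAMEs iteratively; return (final value or None, names followed).

    Iteration plus a per-query `seen` set bounds the work regardless of TTL,
    so termination never depends on anything having been cached.
    """
    seen = set()
    chain = []
    current = name.lower()
    while True:
        if current in seen:
            raise CnameLoopError(" -> ".join(chain + [current]))
        seen.add(current)
        record = records.get(current)
        if record is None:
            return None, chain          # no data for this name
        rtype, _ttl, value = record
        if rtype != "CNAME":
            return value, chain         # reached a terminal record
        if len(chain) >= max_hops:
            raise CnameChainTooLong(f"more than {max_hops} CNAME hops from {name}")
        chain.append(current)
        current = value.lower()
```

A resolver built this way would answer the looping query with a failure (for example SERVFAIL) after a fixed amount of work per query.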