1 PowerDNS Security Advisory 2020-03: Information disclosure
2 ==========================================================
6 - Affects: PowerDNS Recursor from 4.1.0 up to and including 4.3.0
7 - Not affected: 4.3.1, 4.2.2, 4.1.16
9 - Impact: Information Disclosure, Denial of Service
10 - Exploit: This problem can be triggered via a crafted hostname
11 - Risk of system compromise: No
12 - Solution: Upgrade to a non-affected version
15 An issue has been found in PowerDNS Authoritative Server allowing an
16 attacker with enough privileges to change the system's hostname to
17 cause disclosure of uninitialized memory content via a stack-based
19 It only occurs on systems where gethostname() does not null-terminate
20 the returned string if the hostname is larger than the supplied buffer.
21 Linux systems are not affected because the buffer is always large enough.
22 OpenBSD systems are not affected because the returned hostname is always
24 Under some conditions this issue can lead to the writing of one null-byte
25 out-of-bounds on the stack, causing a denial of service or possibly
26 arbitrary code execution.
28 This issue has been assigned CVE-2020-10030.
30 PowPowerDNS Recursor from 4.1.0 up to and including 4.3.0 is affected.
32 Please note that at the time of writing, PowerDNS Authoritative 4.0 and
33 below are no longer supported, as described in
34 https://doc.powerdns.com/authoritative/appendices/EOL.html.
36 We would like to thank Valentei Sergey for finding and subsequently