[Pdns-dev] Pre-announcement of PowerDNS Security Advisory 2012-01 to be released on the 10th of January

bert hubert bert.hubert at netherlabs.nl
Mon Jan 9 08:27:11 CET 2012

Hash: SHA1

Dear PowerDNS users,

Tomorrow (Tuesday the 10th of January) at 9AM eastern time, 15:00 Central
European Time, we will be releasing an important PowerDNS Security Advisory.

This Advisory contains details of a Denial of Service issue within all
currently used versions of the PowerDNS Authoritative Server.

We will be releasing:
	* A configuration based workaround, which might have a performance

	* An iptables based workaround

	* Versions and 3.0.1 of the Authoritative Server
		As source code
		Packages (static 32 bit and 64 bit for Debian and RPM based
		Linux distributions)

	* A one-line patch that solves the issue for source based users

	* Complete details of the problem

The denial of service attack is temporary in nature, but can be performed
using limited resources. There is no risk of a system compromise because of
this attack.

This pre-announcement is made to allow operators to schedule a maintenance
window to possibly upgrade or modify their systems.

If you anticipate requiring help upgrading your affected systems, please
contact powerdns.support at netherlabs.nl.

Some more details:
CVE: CVE-2012-0206
Date: 10th of January 2012

Affects: Most PowerDNS Authoritative Server versions < 3.0.1 (with the 
exception of

Not affected: No versions of the PowerDNS Recursor ('pdns_recursor') are

Severity: High
Impact: Temporary denial of service
Exploit: Proof of concept
Risk of system compromise: No
Solution: Upgrade to PowerDNS Recursor or 3.0.1
Workaround: Several

Kind regards,

Bert Hubert
- -- 
PowerDNS Website: http://www.powerdns.com/
PowerDNS Community Website: http://wiki.powerdns.com/
PowerDNS Support & Development is provided by Netherlabs Computer Consulting
Version: GnuPG v1.4.10 (GNU/Linux)


More information about the Pdns-dev mailing list