[Pdns-dev] [Pdns-users] PowerDNS Security Advisory 2012-01: Denial of Service vulnerability in most versions of the PowerDNS Authoritative Server

Peter van Dijk peter.van.dijk at netherlabs.nl
Tue Jan 10 15:37:28 CET 2012

Dear PowerDNS users,

On Jan 10, 2012, at 15:01 , bert hubert wrote:

> |Workaround   |Several, the easiest is setting: cache-ttl=0, which does have a|
> |             |performance impact. Please see below.                          |

Based on a detailed report from a user (thank you!) I recommend also setting recursive-cache-ttl=0. For reasons yet to be investigated, even with 'allow-recursion' set correctly, exploiting may be possible if there is a recursor configured.

Kind regards,
Peter van Dijk

More information about the Pdns-dev mailing list