This document is about PowerDNS 4.0. For other versions, please see the documentation index.

PowerDNS Security Advisory 2006-01: Malformed TCP queries can lead to a buffer overflow which might be exploitable

PowerDNS Recursor 3.1.3 and previous miscalculate the length of incoming TCP DNS queries, and will attempt to read up to 4 gigabytes of query into a 65535 byte buffer.

We have not verified if this problem might actually lead to a system compromise, but are acting on the assumption that it might.

For distributors, a minimal patch is available on the PowerDNS wiki. Additionally, those shipping very old versions of the PowerDNS Recursor might benefit from this patch.

The impact of these and other security problems can be lessened by considering the advice in FIXME: security-settings.