This document is about PowerDNS 4.X. If you have PowerDNS 3.X, please see the PowerDNS 3.X documentation
PowerDNS Security Advisory 2006-02: Zero second CNAME TTLs can make PowerDNS exhaust allocated stack space, and crash
- CVE: CVE-2006-4252
- Date: 13th of November 2006
- Affects: PowerDNS Recursor versions 3.1.3 and earlier, on all operating systems.
- Not affected: No versions of the PowerDNS Authoritative Server ('pdns_server') are affected.
- Severity: Moderate
- Impact: Denial of service
- Exploit: This problem can be triggered by sending queries for specifically configured domains
- Solution: Upgrade to PowerDNS Recursor 3.1.4, or apply commit 919.
- Workaround: None known. Exposure can be limited by configuring the allow-from setting so only trusted users can query your nameserver.
PowerDNS would recurse endlessly on encountering a CNAME loop consisting entirely of zero second CNAME records, eventually exceeding resources and crashing.