26th Jul 2018 – CVE-2018-1046 (POWERDNS)

Cyber attack wreak havoc, perhaps this is a digital world. We focus cyber attacks happens in company and personal workstation in past decade. The smartphones and IoT devices market coverage bigger than hardward devices in business world. From business point of view, it is a good oppuntunities. The telcom services providers will be more business growth. Meanwhile the cyber security attacks looks like a heavy burden in their business operations.

DNS services is the major components of internet server. Their services similar a phone book.

f you are the customer of PowerDNS, you must be stay alert! For more details, please see below reference (Hyperlink):

PDNS before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the -ecs-stamp option of dnsreplay is used.

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1046

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.