OpenSUSE Linux update for pdns-recursor
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2020-14196 CVE-2020-25829 |
| CWE-ID | CWE-284 CWE-20 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software |
Opensuse Operating systems & Components / Operating system SUSE Linux Operating systems & Components / Operating system SUSE Package Hub for SUSE Linux Enterprise Universal components / Libraries / Libraries used by multiple products |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Improper access control
EUVDB-ID: #VU29577
Risk: Medium
CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-14196
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to ACL applied to the internal web server via "webserver-allow-from" is not properly enforced. A remote attacker can send HTTP queries to the internal web server, bypassing the restriction.
Successful exploitation of the vulnerability requires that the the API webserver is enabled (not the default value).
Update the affected packages.
Opensuse: 15.1 - 15.2
SUSE Package Hub for SUSE Linux Enterprise: 12
SUSE Linux: 15
CPE2.3- cpe:2.3:o:suse:opensuse:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse:15.2:*:*:*:*:*:*:*
- cpe:2.3:a:suse:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:suse_linux:15:*:*:*:*:*:*:*
https://lists.opensuse.org/opensuse-security-announce/2020-10/msg00037.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Input validation error
EUVDB-ID: #VU47532
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-25829
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cache poisoning attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause the cached records for a given name to be updated to the ‘Bogus’ DNSSEC validation state, instead of their actual DNSSEC ‘Secure’ state, via a DNS ANY query. This results in a denial of service for installations that always validate (dnssec=validate) and for clients requesting validation when on-demand validation is enabled (dnssec=process).
MitigationUpdate the affected packages.
Opensuse: 15.1 - 15.2
SUSE Package Hub for SUSE Linux Enterprise: 12
SUSE Linux: 15
CPE2.3- cpe:2.3:o:suse:opensuse:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse:15.2:*:*:*:*:*:*:*
- cpe:2.3:a:suse:suse_package_hub_for_suse_linux_enterprise:12:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:suse_linux:15:*:*:*:*:*:*:*
https://lists.opensuse.org/opensuse-security-announce/2020-10/msg00037.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
