Ubuntu update for pdns
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2018-1046 CVE-2018-10851 CVE-2018-14626 CVE-2018-14644 CVE-2020-17482 CVE-2022-27227 |
| CWE-ID | CWE-79 CWE-401 CWE-20 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system pdns-tools (Ubuntu package) Operating systems & Components / Operating system package or component pdns-server (Ubuntu package) Operating systems & Components / Operating system package or component pdns-recursor (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Cross-site scripting
EUVDB-ID: #VU12562
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-1046
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The weakness exists in the ban_canLogin function in index.php due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationUpdate the affected package pdns to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 22.04
pdns-tools (Ubuntu package): before Ubuntu Pro
pdns-server (Ubuntu package): before Ubuntu Pro
pdns-recursor (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:ubuntu:16.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:pdns-tools_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-server_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-recursor_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7203-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory leak
EUVDB-ID: #VU15960
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-10851
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The vulnerability exists due to memory leak when handling malicious input. A remote attacker can insert a specially crafted record in a zone under his control, send a DNS query for that record, trigger memory leak and cause the service to crash.
Mitigation
Update the affected package pdns to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 22.04
pdns-tools (Ubuntu package): before Ubuntu Pro
pdns-server (Ubuntu package): before Ubuntu Pro
pdns-recursor (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:ubuntu:16.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:pdns-tools_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-server_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-recursor_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7203-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU15961
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-14626
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to DNSSEC validating clients consider the answer to be bogus until it expires from the packet cache. A remote attacker can craft a DNS query, cause an answer without DNSSEC records to be inserted into the packet cache and be returned to clients asking for DNSSEC records, thus hiding the presence of DNSSEC signatures for a specific qname and qtype.
MitigationUpdate the affected package pdns to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 22.04
pdns-tools (Ubuntu package): before Ubuntu Pro
pdns-server (Ubuntu package): before Ubuntu Pro
pdns-recursor (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:ubuntu:16.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:pdns-tools_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-server_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-recursor_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7203-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper input validation
EUVDB-ID: #VU15962
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-14644
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to an error if the parent zone is signed, and all the authoritative servers for that parent zone answer with FORMERR to a query for at least one of the meta-types. A remote attacker can send a DNS query for a meta-type like OPT, lead to a zone being wrongly cached as failing DNSSEC validation and cause subsequent queries from clients to request DNSSEC validation answered with a ServFail.
MitigationUpdate the affected package pdns to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 22.04
pdns-tools (Ubuntu package): before Ubuntu Pro
pdns-server (Ubuntu package): before Ubuntu Pro
pdns-recursor (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:ubuntu:16.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:pdns-tools_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-server_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-recursor_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7203-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU47123
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-17482
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Such a user could be a customer inserting data via a control panel, or somebody with access to the REST API.
MitigationUpdate the affected package pdns to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 22.04
pdns-tools (Ubuntu package): before Ubuntu Pro
pdns-server (Ubuntu package): before Ubuntu Pro
pdns-recursor (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:ubuntu:16.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:pdns-tools_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-server_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-recursor_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7203-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU61631
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-27227
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of an incoming IXFR transfer. A remote attacker can pass specially crafted input to the server and cause incomplete zone transfer to be handled as successful transfers.
MitigationUpdate the affected package pdns to the latest version.
Vulnerable software versionsUbuntu: 16.04 - 22.04
pdns-tools (Ubuntu package): before Ubuntu Pro
pdns-server (Ubuntu package): before Ubuntu Pro
pdns-recursor (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:ubuntu:16.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:pdns-tools_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-server_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:pdns-recursor_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7203-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
