SB2025011443 - Ubuntu update for pdns

Description

This security bulletin contains information about 6 secuirty vulnerabilities.

1) Cross-site scripting (CVE-ID: CVE-2018-1046)

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The weakness exists in the ban_canLogin function in index.php due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

2) Memory leak (CVE-ID: CVE-2018-10851)

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The vulnerability exists due to memory leak when handling malicious input. A remote attacker can insert a specially crafted record in a zone under his control, send a DNS query for that record, trigger memory leak and cause the service to crash.

3) Improper input validation (CVE-ID: CVE-2018-14626)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to DNSSEC validating clients consider the answer to be bogus until it expires from the packet cache. A remote attacker can craft a DNS query, cause an answer without DNSSEC records to be inserted into the packet cache and be returned to clients asking for DNSSEC records, thus hiding the presence of DNSSEC signatures for a specific qname and qtype.

4) Improper input validation (CVE-ID: CVE-2018-14644)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to an error if the parent zone is signed, and all the authoritative servers for that parent zone answer with FORMERR to a query for at least one of the meta-types. A remote attacker can send a DNS query for a meta-type like OPT, lead to a zone being wrongly cached as failing DNSSEC validation and cause subsequent queries from clients to request DNSSEC validation answered with a ServFail.

5) Information disclosure (CVE-ID: CVE-2020-17482)

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Such a user could be a customer inserting data via a control panel, or somebody with access to the REST API.

6) Input validation error (CVE-ID: CVE-2022-27227)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of an incoming IXFR transfer. A remote attacker can pass specially crafted input to the server and cause incomplete zone transfer to be handled as successful transfers.

Remediation

Install update from vendor's website.

References

• https://ubuntu.com/security/notices/USN-7203-1