Vulnerabilities > CVE-2014-3614 - Unspecified vulnerability in Powerdns Recursor 3.6.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
powerdns
nessus

Summary

Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets.

Vulnerable Configurations

Part Description Count
Application
Powerdns
1

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-10632.NASL
    description - PowerDNS Recursor Security Release 3.6.1 - CVE-2014-3614 Issue: A specific sequence of packets can crash PowerDNS Recursor 3.6.0 remotely (CVE-2014-3614) Affected: All deployments of PowerDNS Recursor 3.6.0 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-09-22
    plugin id77766
    published2014-09-22
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/77766
    titleFedora 20 : pdns-recursor-3.6.1-1.fc20 (2014-10632)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2014-10632.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(77766);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2014-3614");
      script_bugtraq_id(69778);
      script_xref(name:"FEDORA", value:"2014-10632");
    
      script_name(english:"Fedora 20 : pdns-recursor-3.6.1-1.fc20 (2014-10632)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - PowerDNS Recursor Security Release 3.6.1
    
        - CVE-2014-3614
    
    Issue: A specific sequence of packets can crash PowerDNS Recursor
    3.6.0 remotely (CVE-2014-3614) Affected: All deployments of PowerDNS
    Recursor 3.6.0
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1139251"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137798.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?1704bd97"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected pdns-recursor package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:pdns-recursor");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/09/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/22");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC20", reference:"pdns-recursor-3.6.1-1.fc20")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pdns-recursor");
    }
    
  • NASL familyDNS
    NASL idPOWERDNS_3_6_1.NASL
    descriptionAccording to its self-reported version number, the version of the PowerDNS Recursor service listening on the remote host is version 3.6.0. It is, therefore, affected by a denial of service vulnerability due to improper handling of malformed packet sequences. An unauthenticated, remote attacker can exploit this to crash the application, resulting in a denial of service condition. Note that Nessus has not attempted to exploit this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id77780
    published2014-09-22
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/77780
    titlePowerDNS Recursor 3.6.0 Packet Sequence Handling DoS
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(77780);
      script_version("1.5");
      script_cvs_date("Date: 2019/11/25");
    
      script_cve_id("CVE-2014-3614");
      script_bugtraq_id(69778);
    
      script_name(english:"PowerDNS Recursor 3.6.0 Packet Sequence Handling DoS");
      script_summary(english:"Checks the version of PowerDNS Recursor.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote name server is affected by a denial of service
    vulnerability.");
      script_set_attribute(attribute:"description", value:
    "According to its self-reported version number, the version of the
    PowerDNS Recursor service listening on the remote host is version
    3.6.0. It is, therefore, affected by a denial of service vulnerability
    due to improper handling of malformed packet sequences. An
    unauthenticated, remote attacker can exploit this to crash the
    application, resulting in a denial of service condition.
    
    Note that Nessus has not attempted to exploit this issue but has
    instead relied only on the application's self-reported version number.
    Also, Nessus has not checked for the presence of the patch or the
    workaround.");
      script_set_attribute(attribute:"see_also", value:"https://doc.powerdns.com/md/security/powerdns-advisory-2014-01/");
      script_set_attribute(attribute:"see_also", value:"https://doc.powerdns.com/md/changelog/#changelog-recursor-3.6.1");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to PowerDNS Recursor 3.6.1 or later. Alternatively, apply the
    patch or workaround referenced in the vendor advisory.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-3614");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2014/09/10");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/22");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:powerdns:powerdns");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:powerdns:powerdns_recursor");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"DNS");
    
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("pdns_version.nasl");
      script_require_keys("pdns/version_full", "pdns/version_source", "pdns/type", "Settings/ParanoidReport");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    
    app_name = "PowerDNS Recursor";
    version_source = get_kb_item_or_exit("pdns/version_source");
    version_full = get_kb_item_or_exit("pdns/version_full");
    type = get_kb_item_or_exit("pdns/type");
    
    fix = '3.6.1';
    port = 53;
    
    # Only the Recursor is affected
    if (type != 'recursor')
      audit(AUDIT_NOT_LISTEN, app_name, port, "UDP");
    
    if (version_full == UNKNOWN_VER) audit(AUDIT_UNKNOWN_APP_VER, app_name);
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    if (version_full !~ "^3\.6(\.0)?($|[^0-9.])")
      audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version_full, "UDP");
    
    if (report_verbosity > 0)
    {
      report =
        '\n  Version source    : ' + version_source +
        '\n  Installed version : ' + version_full +
        '\n  Fixed version     : ' + fix +
        '\n';
      security_warning(port:port, proto:"udp", extra:report);
    }
    else security_warning(port:port, proto:"udp");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-10628.NASL
    description - PowerDNS Recursor Security Release 3.6.1 - CVE-2014-3614 Issue: A specific sequence of packets can crash PowerDNS Recursor 3.6.0 remotely (CVE-2014-3614) Affected: All deployments of PowerDNS Recursor 3.6.0 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-09-22
    plugin id77765
    published2014-09-22
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/77765
    titleFedora 19 : pdns-recursor-3.6.1-1.fc19 (2014-10628)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2014-10628.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(77765);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12");
    
      script_cve_id("CVE-2014-3614");
      script_bugtraq_id(69778);
      script_xref(name:"FEDORA", value:"2014-10628");
    
      script_name(english:"Fedora 19 : pdns-recursor-3.6.1-1.fc19 (2014-10628)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - PowerDNS Recursor Security Release 3.6.1
    
        - CVE-2014-3614
    
    Issue: A specific sequence of packets can crash PowerDNS Recursor
    3.6.0 remotely (CVE-2014-3614) Affected: All deployments of PowerDNS
    Recursor 3.6.0
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=1139251"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137672.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?09f01859"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected pdns-recursor package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:pdns-recursor");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/09/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/09/22");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC19", reference:"pdns-recursor-3.6.1-1.fc19")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pdns-recursor");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-10600.NASL
    description - PowerDNS Recursor Security Release 3.6.1 - CVE-2014-3614 Issue: A specific sequence of packets can crash PowerDNS Recursor 3.6.0 remotely (CVE-2014-3614) Affected: All deployments of PowerDNS Recursor 3.6.0 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-09-23
    plugin id77790
    published2014-09-23
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/77790
    titleFedora 21 : pdns-recursor-3.6.1-1.fc21 (2014-10600)