(Gentoo Issues Fix) MaraDNS Hash Table Collision Bug Lets Remote Users Deny Service
SecurityTracker Alert ID: 1026734
SecurityTracker URL: http://securitytracker.com/id/1026734
CVE Reference: CVE-2012-0024
Date: Feb 23 2012
Impact:
Denial of service via network
Fix Available: Yes
Vendor Confirmed: Yes
Exploit Included: Yes
Version(s): 1.3.x prior to 1.3.07.13, 1.4.x prior to 1.4.09
Description:
A vulnerability was reported in MaraDNS. A remote user can cause denial of service conditions.
A remote user can send specially crafted DNS recursive queries that trigger hash table collisions and cause significant performance degradation on the target server.
MaraDNS 2 is not affected.
Alexander Klink of n.runs AG and Julian Walde of Technische Universität Darmstadt reported this vulnerability. Scott A. Crosby and Dan S. Wallach of Rice University reported the theoretical attack.
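As an added illustration, not code from the advisory or from MaraDNS itself: a minimal DNS name cache in Python that contrasts an unkeyed string hash, whose bucket for any name is fixed and computable offline, with a table seeded by a per-process random key, plus a longest-chain health check a defender can watch. The hash functions, bucket count and names are constructed assumptions.

```python
import hashlib
import os

NBUCKETS = 1024  # constructed bucket count

def unkeyed_hash(name: bytes) -> int:
    # Deterministic djb2-style string hash (constructed for illustration).
    # Every name always lands in the same bucket, so the mapping can be
    # computed offline: the missing randomization CVE-2012-0024 describes.
    h = 5381
    for b in name.lower():
        h = ((h * 33) ^ b) & 0xFFFFFFFF
    return h

def keyed_hash(name: bytes, key: bytes) -> int:
    # Keyed hash: bucket placement depends on a secret chosen at startup, so
    # it cannot be precomputed. Keyed BLAKE2b is used here for clarity; a
    # fast keyed hash such as SipHash is the usual production choice.
    digest = hashlib.blake2b(name.lower(), key=key, digest_size=8).digest()
    return int.from_bytes(digest, "big")

class NameCache:
    # Chained hash table keyed by DNS name. Names are case-folded because DNS
    # compares them case-insensitively; the key is random per process.
    def __init__(self, key=None, nbuckets=NBUCKETS):
        self.key = key if key is not None else os.urandom(16)
        self.buckets = [[] for _ in range(nbuckets)]

    def bucket_of(self, name: bytes) -> int:
        return keyed_hash(name, self.key) % len(self.buckets)

    def insert(self, name: bytes, value: str) -> None:
        chain = self.buckets[self.bucket_of(name)]
        for entry in chain:
            if entry[0] == name.lower():
                entry[1] = value
                return
        chain.append([name.lower(), value])

    def lookup(self, name: bytes):
        for stored, value in self.buckets[self.bucket_of(name)]:
            if stored == name.lower():
                return value
        return None

    def longest_chain(self) -> int:
        # Health check: a long chain is the symptom of the collision attack.
        return max(len(chain) for chain in self.buckets)
```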
Impact:
A remote user can cause performance to degrade on the target server.
Solution:
Gentoo has issued a fix.
The Gentoo advisory is available at:
http://security.gentoo.org/glsa/glsa-201202-03.xml
Vendor URL: www.maradns.org/
Cause:
Randomization error
Underlying OS:
Linux (Gentoo)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Thu, 23 Feb 2012 05:51:37 +0000
Subject: GLSA
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201202-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: MaraDNS: Denial of Service
Date: February 22, 2012
Bugs: #397431
ID: 201202-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
A hash collision vulnerability in MaraDNS allows remote attackers to
cause a Denial of Service condition.
Background
==========
MaraDNS is a proxy DNS server with permanent caching.
Affected packages
=================
-------------------------------------------------------------------
     Package              /   Vulnerable   /         Unaffected
-------------------------------------------------------------------
  1  net-dns/maradns          < 1.4.09              >= 1.4.09
Description
===========
MaraDNS does not properly randomize hash functions to protect against
hash collision attacks.
Impact
======
A remote attacker could send many specially crafted DNS recursive
queries, possibly resulting in a Denial of Service condition.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All MaraDNS users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/maradns-1.4.09"
References
==========
[ 1 ] CVE-2012-0024
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0024
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201202-03.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@g.o or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5