PowerDNS had released an update to address security vulnerability and it is recommended that you update as soon as possible.
Following are the detailed information on this security vulnerability and the versions which were affected by this PowerDNS security vulnerability:
CVE: CVE-2015-1868
Date: 23rd of April 2015
Affects: PowerDNS Recursor versions 3.5 and up; Authoritative Server 3.2 and up
Not affected: Recursor 3.6.3; Recursor 3.7.2; Auth 3.3.2; Auth 3.4.4
Severity: High
Impact: Degraded service
Exploit: This problem can be triggered by sending queries for specifically configured domains, or by sending specially crafted query packets
Risk of system compromise: No
Solution: Upgrade to any of the non-affected versions
Workaround: Run your Recursor under a supervisor. Exposure can be limited by configuring the allow-from setting so only trusted users can query your nameserver. There is no workaround for the Authoritative server.
Existing PowerDNS users can upgrade to latest version or the version which is not affected by this PowerDNS security vulnerability. Alternatively, PowerDNS users want to apply a minimal fix to your own tree, please find patches here.
The post PowerDNS security vulnerability appeared first on Web Hosting News.