Following security problem has been found in maradns package shipped in Mageia 1 : * CVE-2011-5055: MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without properly restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted queries with the Recursion Desired (RD) bit set. NOTE: this issue exists because of an incomplete fix for CVE-2012-0024. The updated package has been updated to latest version of 1.4.x series, to fix this issue, plus some other bug fixes.
Testing on i586 complete for the srpm maradns-1.4.09-1.mga1.src.rpm After installing, I had to edit /etc/maradns/mararc.recursive and set recursive_acl = "192.168.1.0/16, 127.0.0.1/8" Then, after "service maradns start" "dig @127.0.0.1 www.yahoo.com" returned the ip, with a second run returning the value from the cache.
CC: (none) => davidwhodgins
Hi Funda, Thanks for uploading this fix, and thanks QA for testing it. Unfortunately, just moments later there was a message on the maradns list saying that 1.4.09 did not properly fix this issue. See http://woodlane.webconquest.com/pipermail/list/2012-January/001048.html for that. I'll submit a fix for this today unless Funda beats me to it :-)
CC: (none) => remco
I will not beat you, but still faster than you :p
Testing complete for the srpm maradns-1.4.10-1.mga1.src.rpm on Mageia release 1 (Official) for x86_64. So here the result (for maradns-using a publically accessible ip address) after : # service powerdns stop # service maradns start # dig @127.0.0.1 www.yahoo.com ; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 www.yahoo.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60710 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.yahoo.com. IN A ;; ANSWER SECTION: www.yahoo.com. 300 IN CNAME fp3.wg1.b.yahoo.com. fp3.wg1.b.yahoo.com. 300 IN A 87.248.122.122 ;; Query time: 771 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sun Jan 15 18:05:52 2012 ;; MSG SIZE rcvd: 71
CC: (none) => geiger.david68210
Testing complete on i586 for maradns. Could someone from the sysadmin team push the srpm maradns-1.4.10-1.mga1.src.rpm from Core Updates Testing to Core Updates. Advisory: This security update for maradns corrects CVE-2011-5055. MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without properly restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted queries with the Recursion Desired (RD) bit set. NOTE: this issue exists because of an incomplete fix for CVE-2012-0024. The updated package has been updated to latest version of 1.4.x series, to fix this issue, plus some other bug fixes. https://bugs.mageia.org/show_bug.cgi?id=4118
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
update pushed
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED