CVE-2016-7068 : An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recurs

An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if the system becomes overloaded. This issue is based on the fact that the PowerDNS server parses all records present in a query regardless of whether they are needed or even legitimate. A specially crafted query containing a large number of records can be used to take advantage of that behaviour.

Published 2018-09-11 13:29:01

Updated 2019-10-09 23:19:30

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Products affected by CVE-2016-7068

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Powerdns » Recursor
Versions before (<) 3.7.4
cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*
Matching versions
Powerdns » Recursor
Versions from including (>=) 4.0.0 and before (<) 4.0.4
cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*
Matching versions
Powerdns » Authoritative
Versions from including (>=) 4.0.0 and before (<) 4.0.2
cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*
Matching versions
Powerdns » Authoritative
Versions before (<) 3.4.11
cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2016-7068

Top countries where our scanners detected CVE-2016-7068

Top open port discovered on systems with this issue 53

IPs affected by CVE-2016-7068 7,387

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2016-7068!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2016-7068

EPSS FAQ

0.09%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 23 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-7068

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
5.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L	3.9	1.4	Red Hat, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: Low

CWE ids for CVE-2016-7068

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: secalert@redhat.com (Secondary)
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-7068

https://doc.powerdns.com/md/security/powerdns-advisory-2016-02/

Advisory 2016-02
Vendor Advisory
https://www.debian.org/security/2017/dsa-3763

Debian -- Security Information -- DSA-3763-1 pdns-recursor
Third Party Advisory
https://www.debian.org/security/2017/dsa-3764

Debian -- Security Information -- DSA-3764-1 pdns
Third Party Advisory

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7068

1627365 – (CVE-2016-7068) CVE-2016-7068 pdns: Crafted queries can cause abnormal CPU usage
Issue Tracking;Third Party Advisory