Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2020-25829

Published: 16/10/2020 Updated: 15/06/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Powerdns

Vulnerability Summary

An issue has been found in PowerDNS Recursor prior to 4.1.18, 4.2.x prior to 4.2.5, and 4.3.x prior to 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of service for installation that always validate (dnssec=validate), and for clients requesting validation when on-demand validation is enabled (dnssec=process).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

powerdns recursor

opensuse leap 15.1

opensuse backports sle 15.0

opensuse leap 15.2

Vendor Advisories

Debian CVElist Bug Report Logs: pdns-recursor: CVE-2020-25829: cache pollution issue
Debian Bug report logs - #972159 pdns-recursor: CVE-2020-25829: cache pollution issue Package: src:pdns-recursor; Maintainer for src:pdns-recursor is pdns-recursor packagers <pdns-recursor@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 13 Oct 2020 12:33:02 UTC Severity: importa ...
Arch Linux Issues:
An issue has been found in PowerDNS Recursor before 435 where a remote attacker can cause the cached records for a given name to be updated to the ‘Bogus’ DNSSEC validation state, instead of their actual DNSSEC ‘Secure’ state, via a DNS ANY query This results in a denial of service for installations that always validate (dnssec=validate) ...

Mailing Lists

Full Disclosure: PowerDNS Recursor 4.3.5, 4.2.5. and 4.1.18 released fixing a cache pollution issue (CVE-2020-25829)
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> PowerDNS Recursor 435, 425 and 4118 released fixing a cache pollution issue (CVE-2020-25829) <!--X-Subject-Header-End-- ...

References

NVD-CWE-noinfohttps://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-10/msg00036.htmlhttps://security.gentoo.org/glsa/202012-19https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972159https://nvd.nist.govhttps://security.archlinux.org/CVE-2020-25829
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook