Gentoo Logo

PowerDNS: Denial of Service vulnerability


1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200502-15 / PowerDNS
Release Date February 13, 2005
Latest Revision May 22, 2006: 02
Impact normal
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
net-dns/pdns < 2.9.17 >= 2.9.17 All supported architectures

Related bugreports: #80713


A vulnerability in PowerDNS could lead to a temporary Denial of Service.

2.  Impact Information


The PowerDNS Nameserver is an authoritative-only nameserver which uses a flexible backend architecture.


A vulnerability has been reported in the DNSPacket::expand method of


An attacker could cause a temporary Denial of Service by sending a random stream of bytes to the PowerDNS Daemon.

3.  Resolution Information


There is no known workaround at this time.


All PowerDNS users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/pdns-2.9.17"

4.  References


Page updated February 13, 2005

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2015 Gentoo Foundation, Inc. Questions, Comments? Contact us.