1. DNS/PowerDNS/Recursor
1.1. pdns-4.0.3
./configure --with-modules="" --without-lua
checking for Boost headers version >= 1.35.0... no configure: error: cannot find Boost headers version >= 1.35.0
https://doc.powerdns.com/md/recursor/settings/ settings
- The 0x20 defenseは実装されていないらしい。
1.2. Ghost Domain Names
PowerDNS Recursor version 3.5
Released April 15th, 2013
Changes between RC1 and RC2
While Recursor 3.3 was not vulnerable to the specific attack noted in 'Ghost Domain Names: Revoked Yet Still Resolvable' (more information at A New DNS Exploitation Technique: Ghost Domain Names), further investigation showed that a variant of the attack could work.
This was fixed in commit 3085. This should also close the slightly bogus CVE-2012-1193. Closes ticket 668.
詳細不明 http://wiki.powerdns.com/trac/changeset/3085
- NSレコードのTTLを制限するようにしたと読めるが。
-- ToshinoriMaeno 2014-12-11 04:50:12