CVE-2019-3806

Name of the Vulnerable Software and Affected Versions PowerDNS Recursor versions 4.1.3 through 4.1.8

Description The issue concerns the improper application of Lua hooks to queries received over TCP in specific settings, potentially bypassing security policies enforced using Lua. This could lead to security breaches due to the failure of Lua hooks to properly filter or manage incoming queries.

Recommendations For PowerDNS Recursor versions 4.1.3 through 4.1.8, update to version 4.1.9 or later to resolve the issue. As a temporary workaround, consider restricting the use of TCP queries or reviewing and adjusting Lua hook configurations to minimize the risk of exploitation.