CVE-2006-4251

2006-11-1419:07:00

[email protected]

web.nvd.nist.gov

cve-2006-4251

buffer overflow

powerdns recursor

remote code execution

tcp dns query

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.108 Low

EPSS

Percentile

95.1%

JSON

Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length.

Affected configurations

NVD

Node

powerdnsrecursorRange≤3.1.3

powerdnsrecursorMatch2.0_rc1

powerdnsrecursorMatch2.8

powerdnsrecursorMatch2.9.15

powerdnsrecursorMatch2.9.16

powerdnsrecursorMatch2.9.17

powerdnsrecursorMatch2.9.18

powerdnsrecursorMatch3.0

powerdnsrecursorMatch3.0.1

powerdnsrecursorMatch3.1

powerdnsrecursorMatch3.1.1

powerdnsrecursorMatch3.1.2

CPENameOperatorVersion
powerdns:recursorpowerdns recursorle3.1.3
powerdns:recursorpowerdns recursoreq2.0_rc1
powerdns:recursorpowerdns recursoreq2.8
powerdns:recursorpowerdns recursoreq2.9.15
powerdns:recursorpowerdns recursoreq2.9.16
powerdns:recursorpowerdns recursoreq2.9.17
powerdns:recursorpowerdns recursoreq2.9.18
powerdns:recursorpowerdns recursoreq3.0
powerdns:recursorpowerdns recursoreq3.0.1
powerdns:recursorpowerdns recursoreq3.1

CPE	Name	Operator	Version
powerdns:recursor	powerdns recursor	le	3.1.3
powerdns:recursor	powerdns recursor	eq	2.0_rc1
powerdns:recursor	powerdns recursor	eq	2.8
powerdns:recursor	powerdns recursor	eq	2.9.15
powerdns:recursor	powerdns recursor	eq	2.9.16
powerdns:recursor	powerdns recursor	eq	2.9.17
powerdns:recursor	powerdns recursor	eq	2.9.18
powerdns:recursor	powerdns recursor	eq	3.0
powerdns:recursor	powerdns recursor	eq	3.0.1
powerdns:recursor	powerdns recursor	eq	3.1