Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:5046C34B6483326B151248BE8176C7E6:CD6ED
HistoryJan 09, 2010 - 12:36 p.m.

[Backports-security-announce] Security Update for pdns-recursor

2010-01-0912:36:38
lists.debian.org
11

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.041 Low

EPSS

Percentile

91.2%

JSON

Gerfried Fuchs uploaded new packages for pdns-recursor which fixed the
following security problems:

CVE-2009-4009

A buffer overflow can be exploited to crash the daemon, or potentially
execute arbitrary code.

CVE-2009-4010

A cache poisoning vulnerability may allow attackers to trick the
server into serving incorrect DNS data.

For the etch-backports distribution the problems have been fixed in
version 3.1.7-1+lenny1~bpo40+1.

For the sid distribution the problems have been fixed in version
3.1.7.2-1.

Upgrade instructions

If you don't use pinning (see [1]) you have to update the packages
manually via "apt-get -t lenny-backports install <packagelist>" with the
packagelist of your installed packages affected by this update.
[1] <http://backports.org/dokuwiki/doku.php?id=instructions&gt;

We recommend to pin the backports repository to 200 so that new versions
of installed backports will be installed automatically:

Package: *
Pin: release a=etch-backports
Pin-Priority: 200

Related

openvas 12
fedora 2
debian 3
nessus 9
osv 2
securityvulns 3
freebsd 1
gentoo 1
debiancve 2
prion 2
cve 2
ubuntucve 2
openvas
openvas
FreeBSD Ports: powerdns-recursor
2010-02-10 00:00:00
PowerDNS Recursor Multiple Vulnerabilities (Jan 2010)
2010-01-07 00:00:00
Debian: Security Advisory (DSA-1968-2)
2010-02-01 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: pdns-recursor-3.1.7.2-1.fc12
2010-01-07 00:57:41
[SECURITY] Fedora 11 Update: pdns-recursor-3.1.7.2-1.fc11
2010-01-07 00:55:19
debian
debian
[SECURITY] [DSA 1968-2] New pdns-recursor packages fix cache poisoning
2010-01-28 21:05:39
[SECURITY] [DSA 1968-1] New pdns-recursor packages fix potential code execution
2010-01-08 21:46:14
[Backports-security-announce] Security Update for pdns-recursor
2010-01-09 12:01:22
nessus
nessus
openSUSE Security Update : pdns-recursor (pdns-recursor-1945)
2010-02-15 00:00:00
Debian DSA-1968-1 : pdns-recursor - several vulnerabilities
2010-02-24 00:00:00
PowerDNS Recursor 3.x < 3.1.7.2 Multiple Vulnerabilities
2016-01-15 00:00:00
osv
osv
pdns-recursor - potential code execution
2010-01-08 00:00:00
pdns-recursor - cache poisoning
2010-01-08 00:00:00
securityvulns
securityvulns
PowerDNS multiple security vulnerabilities
2010-01-07 00:00:00
PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data
2010-01-07 00:00:00
PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited
2010-01-07 00:00:00
freebsd
freebsd
powerdns-recursor -- multiple vulnerabilities
2010-01-06 00:00:00
gentoo
gentoo
PowerDNS Recursor: Multiple vulnerabilities
2014-12-22 00:00:00
debiancve
debiancve
CVE-2009-4009
2010-01-08 17:30:00
CVE-2009-4010
2010-01-08 17:30:00
prion
prion
Buffer overflow
2010-01-08 17:30:00
Design/Logic Flaw
2010-01-08 17:30:00
cve
cve
CVE-2009-4010
2010-01-08 17:30:00
CVE-2009-4009
2010-01-08 17:30:00
ubuntucve
ubuntucve
CVE-2009-4010
2010-01-08 00:00:00
CVE-2009-4009
2010-01-08 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.041 Low

EPSS

Percentile

91.2%

JSON
Related for DEBIAN:5046C34B6483326B151248BE8176C7E6:CD6ED
openvas12fedora2debian3nessus9osv2securityvulns3freebsd1gentoo1debiancve2prion2cve2ubuntucve2