pdns-recursor -- several vulnerabilities

2010-01-08T00:00:00
ID DSA-1968
Type debian
Reporter Debian
Modified 2010-01-08T00:00:00

Description

It was discovered that pdns-recursor, the PowerDNS recursive name server, contains several vulnerabilities:

A buffer overflow can be exploited to crash the daemon, or potentially execute arbitrary code.

A cache poisoning vulnerability may allow attackers to trick the server into serving incorrect DNS data.

For the oldstable distribution (etch), fixed packages will be provided soon.

For the stable distribution (lenny), these problems have been fixed in version 3.1.7-1+lenny1.

For the unstable distribution (sid), these problems have been fixed in version 3.1.7.2-1.

We recommend that you upgrade your pdns-recursor package.