### Background
PowerDNS Recursor is a high-end, high-performance resolving name server
### Description
Multiple vulnerabilities have been discovered in PowerDNS Recursor. Please review the CVE identifiers and PowerDNS blog post referenced below for details.
### Impact
A remote attacker may be able to send specially crafted packets, possibly resulting in arbitrary code execution or a Denial of Service condition. Furthermore, a remote attacker may be able to spoof DNS data.
### Workaround
There is no known workaround at this time.
### Resolution
All PowerDNS Recursor users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/pdns-recursor-3.6.1-r1"
{"openvas": [{"lastseen": "2019-05-29T18:36:08", "description": "Gentoo Linux Local Security Checks GLSA 201412-33", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-33", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2012-1193", "CVE-2014-8601", "CVE-2009-4009"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121319", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121319", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-33.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121319\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:19 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-33\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in PowerDNS Recursor. Please review the CVE identifiers and PowerDNS blog post referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-33\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\", \"CVE-2012-1193\", \"CVE-2014-8601\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-33\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-dns/pdns-recursor\", unaffected: make_list(\"ge 3.6.1-r1\"), vulnerable: make_list(\"lt 3.6.1-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:09:48", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-02-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: powerdns-recursor", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-02-10T00:00:00", "id": "OPENVAS:66822", "href": "http://plugins.openvas.org/nasl.php?oid=66822", "sourceData": "#\n#VID dd8f2394-fd08-11de-b425-00215c6a37bb\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID dd8f2394-fd08-11de-b425-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: powerdns-recursor\n\nCVE-2009-4010\nUnspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows\nremote attackers to spoof DNS data via crafted zones.\n\nCVE-2009-4009\nBuffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote\nattackers to cause a denial of service (daemon crash) or possibly\nexecute arbitrary code via crafted packets.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\n\nif(description)\n{\n script_id(66822);\n script_version(\"$Revision: 5263 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-10 14:45:51 +0100 (Fri, 10 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-10 21:51:26 +0100 (Wed, 10 Feb 2010)\");\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_bugtraq_id(37650,37653);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: powerdns-recursor\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"powerdns-recursor\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.1.7.2\")<0) {\n txt += 'Package powerdns-recursor version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:55", "description": "Check for the Version of pdns-recursor", "cvss3": {}, "published": "2010-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2010-0228", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:861600", "href": "http://plugins.openvas.org/nasl.php?oid=861600", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2010-0228\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdns-recursor on Fedora 12\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.html\");\n script_id(861600);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-15 10:29:41 +0100 (Fri, 15 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-0228\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2010-0228\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.1.7.2~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:06:15", "description": "Check for the Version of pdns-recursor", "cvss3": {}, "published": "2010-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2010-0228", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2018-01-22T00:00:00", "id": "OPENVAS:1361412562310861600", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861600", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2010-0228\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdns-recursor on Fedora 12\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861600\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-15 10:29:41 +0100 (Fri, 15 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-0228\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2010-0228\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.1.7.2~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:05:16", "description": "The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-1.", "cvss3": {}, "published": "2010-01-20T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1968-1 (pdns-recursor)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:136141256231066734", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066734", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1968_1.nasl 8440 2018-01-17 07:58:46Z teissa $\n# Description: Auto-generated from advisory DSA 1968-1 (pdns-recursor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code (CVE-2009-4009).\n\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nFor the old stable distribution (etch), fixed packages will be\nprovided soon.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\nWe recommend that you upgrade your pdns-recursor package.\";\ntag_summary = \"The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201968-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66734\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 20:07:43 +0100 (Wed, 20 Jan 2010)\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1968-1 (pdns-recursor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.1.7-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:26", "description": "Check for the Version of pdns-recursor", "cvss3": {}, "published": "2010-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2010-0209", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:861603", "href": "http://plugins.openvas.org/nasl.php?oid=861603", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2010-0209\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdns-recursor on Fedora 11\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00217.html\");\n script_id(861603);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-15 10:29:41 +0100 (Fri, 15 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-0209\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2010-0209\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.1.7.2~1.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:18", "description": "The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-2.", "cvss3": {}, "published": "2010-02-01T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1968-2 (pdns-recursor)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66776", "href": "http://plugins.openvas.org/nasl.php?oid=66776", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1968_2.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 1968-2 (pdns-recursor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that pdns-recursor, the PowerDNS recursive name server,\ncontains a cache poisoning vulnerability which may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nThis DSA provides a security update for the old stable distribution\n(etch), similar to the previous update in DSA-1968-1. (Note that the\netch version of pdns-recursor was not vulnerable to CVE-2009-4009.)\n\nExtra care should be applied when installing this update. It is an etch\nbackport of the lenny version of the package (3.1.7 with security fixes\napplied). Major differences in internal domain name processing made\nbackporting just the security fix too difficult.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 3.1.4+v3.1.7-0+etch1.\n\nWe recommend that you upgrade your pdns-recursor package.\";\ntag_summary = \"The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201968-2\";\n\n\nif(description)\n{\n script_id(66776);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-01 18:25:19 +0100 (Mon, 01 Feb 2010)\");\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1968-2 (pdns-recursor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.1.4+v3.1.7-0+etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:28", "description": "The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-1.", "cvss3": {}, "published": "2010-01-20T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1968-1 (pdns-recursor)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66734", "href": "http://plugins.openvas.org/nasl.php?oid=66734", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1968_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 1968-1 (pdns-recursor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code (CVE-2009-4009).\n\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nFor the old stable distribution (etch), fixed packages will be\nprovided soon.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\nWe recommend that you upgrade your pdns-recursor package.\";\ntag_summary = \"The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201968-1\";\n\n\nif(description)\n{\n script_id(66734);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 20:07:43 +0100 (Wed, 20 Jan 2010)\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1968-1 (pdns-recursor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.1.7-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-25T10:55:08", "description": "Check for the Version of pdns-recursor", "cvss3": {}, "published": "2010-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2010-0209", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2018-01-24T00:00:00", "id": "OPENVAS:1361412562310861603", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861603", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2010-0209\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdns-recursor on Fedora 11\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00217.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861603\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-15 10:29:41 +0100 (Fri, 15 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-0209\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2010-0209\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.1.7.2~1.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:32:57", "description": "The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-2.", "cvss3": {}, "published": "2010-02-01T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1968-2 (pdns-recursor)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:136141256231066776", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066776", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1968_2.nasl 8187 2017-12-20 07:30:09Z teissa $\n# Description: Auto-generated from advisory DSA 1968-2 (pdns-recursor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that pdns-recursor, the PowerDNS recursive name server,\ncontains a cache poisoning vulnerability which may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nThis DSA provides a security update for the old stable distribution\n(etch), similar to the previous update in DSA-1968-1. (Note that the\netch version of pdns-recursor was not vulnerable to CVE-2009-4009.)\n\nExtra care should be applied when installing this update. It is an etch\nbackport of the lenny version of the package (3.1.7 with security fixes\napplied). Major differences in internal domain name processing made\nbackporting just the security fix too difficult.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 3.1.4+v3.1.7-0+etch1.\n\nWe recommend that you upgrade your pdns-recursor package.\";\ntag_summary = \"The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201968-2\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66776\");\n script_version(\"$Revision: 8187 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 08:30:09 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-01 18:25:19 +0100 (Mon, 01 Feb 2010)\");\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1968-2 (pdns-recursor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.1.4+v3.1.7-0+etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:05", "description": "PowerDNS Recursor is prone to a remote cache-poisoning vulnerability and to a\n Buffer Overflow Vulnerability.", "cvss3": {}, "published": "2010-01-07T00:00:00", "type": "openvas", "title": "PowerDNS Recursor multiple vulnerabilities - Jan10", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2019-03-01T00:00:00", "id": "OPENVAS:1361412562310100433", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100433", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: pdns_jan_10.nasl 13960 2019-03-01 13:18:27Z cfischer $\n#\n# PowerDNS Recursor multiple vulnerabilities - Jan10\n#\n# Authors:\n# Michael Meyer\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:powerdns:recursor\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100433\");\n script_version(\"$Revision: 13960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-01 14:18:27 +0100 (Fri, 01 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-07 12:29:25 +0100 (Thu, 07 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_bugtraq_id(37653, 37650);\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_name(\"PowerDNS Recursor multiple vulnerabilities - Jan10\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"pdns_version.nasl\");\n script_mandatory_keys(\"powerdns/recursor/installed\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/37653\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/37650\");\n script_xref(name:\"URL\", value:\"http://www.powerdns.com/\");\n script_xref(name:\"URL\", value:\"http://doc.powerdns.com/powerdns-advisory-2010-02.html\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/508743\");\n\n script_tag(name:\"impact\", value:\"An attacker can exploit the remote cache-poisoning vulnerability to\n divert data from a legitimate site to an attacker-specified site.\n Successful exploits will allow the attacker to manipulate cache data,\n potentially facilitating man-in-the-middle, site-impersonation, or denial-of-\n service attacks.\n\n Successfully exploiting of the Buffer Overflow vulnerability allows a\n remote attacker to execute arbitrary code with superuser privileges,\n resulting in a complete compromise of the affected computer. Failed\n exploits will cause a denial of service.\");\n script_tag(name:\"affected\", value:\"PowerDNS Recursor 3.1.7.1 and earlier are vulnerable.\");\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for details.\");\n script_tag(name:\"summary\", value:\"PowerDNS Recursor is prone to a remote cache-poisoning vulnerability and to a\n Buffer Overflow Vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! infos = get_app_version_and_proto( cpe:CPE, port:port ) ) exit( 0 );\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif( version_is_less( version:version, test_version:\"3.1.7.2\" ) ) {\n report = report_fixed_ver( installed_version:version, fixed_version:\"3.1.7.2\" );\n security_message( data:report, port:port, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-17T11:05:08", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-02-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: powerdns-recursor", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:136141256231066822", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066822", "sourceData": "#\n#VID dd8f2394-fd08-11de-b425-00215c6a37bb\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID dd8f2394-fd08-11de-b425-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: powerdns-recursor\n\nCVE-2009-4010\nUnspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows\nremote attackers to spoof DNS data via crafted zones.\n\nCVE-2009-4009\nBuffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote\nattackers to cause a denial of service (daemon crash) or possibly\nexecute arbitrary code via crafted packets.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66822\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-10 21:51:26 +0100 (Wed, 10 Feb 2010)\");\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_bugtraq_id(37650,37653);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: powerdns-recursor\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"powerdns-recursor\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.1.7.2\")<0) {\n txt += 'Package powerdns-recursor version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:52:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1193"], "description": "Check for the Version of pdns-recursor", "modified": "2017-07-10T00:00:00", "published": "2013-05-03T00:00:00", "id": "OPENVAS:865585", "href": "http://plugins.openvas.org/nasl.php?oid=865585", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2013-6279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2013-6279\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"pdns-recursor on Fedora 18\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865585);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-03 09:52:56 +0530 (Fri, 03 May 2013)\");\n script_cve_id(\"CVE-2012-1193\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2013-6279\");\n\n script_xref(name: \"FEDORA\", value: \"2013-6279\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104177.html\");\n script_summary(\"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.5~2.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:08:41", "description": "Check for the Version of pdns-recursor", "cvss3": {}, "published": "2013-05-03T00:00:00", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2013-6316", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1193"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:865596", "href": "http://plugins.openvas.org/nasl.php?oid=865596", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2013-6316\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"pdns-recursor on Fedora 17\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(865596);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-03 09:55:06 +0530 (Fri, 03 May 2013)\");\n script_cve_id(\"CVE-2012-1193\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2013-6316\");\n\n script_xref(name: \"FEDORA\", value: \"2013-6316\");\n script_xref(name: \"URL\" , value: \"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104173.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.5~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-05-03T00:00:00", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2013-6279", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1193"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865585", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865585", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2013-6279\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865585\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-03 09:52:56 +0530 (Fri, 03 May 2013)\");\n script_cve_id(\"CVE-2012-1193\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2013-6279\");\n script_xref(name:\"FEDORA\", value:\"2013-6279\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104177.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pdns-recursor'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"pdns-recursor on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.5~2.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1193"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-05-03T00:00:00", "id": "OPENVAS:1361412562310865596", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865596", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2013-6316", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2013-6316\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.865596\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-05-03 09:55:06 +0530 (Fri, 03 May 2013)\");\n script_cve_id(\"CVE-2012-1193\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2013-6316\");\n script_xref(name:\"FEDORA\", value:\"2013-6316\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104173.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'pdns-recursor'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"pdns-recursor on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.5~2.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-03-12T17:57:51", "description": "The resolver in PowerDNS Recursor (aka pdns_recursor)\n 3.3 overwrites cached server names and TTL values in NS records during the processing of\n a response to an A record query, which allows remote attackers to trigger continued resolvability\n of revoked domain names via a ", "cvss3": {}, "published": "2018-09-12T00:00:00", "type": "openvas", "title": "PowerDNS Recursor < 3.5 Ghost Domain Names Attack", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1193"], "modified": "2020-03-11T00:00:00", "id": "OPENVAS:1361412562310112378", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112378", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# PowerDNS Recursor < 3.5 Ghost Domain Names Attack\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112378\");\n script_version(\"2020-03-11T09:57:55+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-11 09:57:55 +0000 (Wed, 11 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-09-12 17:55:14 +0200 (Wed, 12 Sep 2018)\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_cve_id(\"CVE-2012-1193\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"PowerDNS Recursor < 3.5 Ghost Domain Names Attack\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"pdns_version.nasl\");\n script_mandatory_keys(\"powerdns/recursor/installed\");\n\n script_tag(name:\"summary\", value:'The resolver in PowerDNS Recursor (aka pdns_recursor)\n 3.3 overwrites cached server names and TTL values in NS records during the processing of\n a response to an A record query, which allows remote attackers to trigger continued resolvability\n of revoked domain names via a \"ghost domain names\" attack.');\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"PowerDNS Recursor before version 3.5.\");\n\n script_tag(name:\"solution\", value:\"Update PowerDNS Recursor to version 3.5 or later.\");\n\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102729.html\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104173.html\");\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104177.html\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nCPE = \"cpe:/a:powerdns:recursor\";\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_proto( cpe:CPE, port:port ) )\n exit( 0 );\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif( version_is_less( version:version, test_version:\"3.5\" ) ) {\n report = report_fixed_ver( installed_version:version, fixed_version:\"3.5\" );\n security_message( data:report, port:port, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-03-12T17:57:51", "description": "PowerDNS Recursor before 3.6.2 does not limit delegation chaining,\n which allows remote attackers to cause a denial of service (", "cvss3": {}, "published": "2018-09-12T00:00:00", "type": "openvas", "title": "PowerDNS Security Advisory 2014-02: PowerDNS Recursor 3.6.1 and earlier can be made to provide bad service", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8601"], "modified": "2020-03-11T00:00:00", "id": "OPENVAS:1361412562310112377", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112377", "sourceData": "##############################################################################\n# OpenVAS Vulnerability Test\n#\n# PowerDNS Security Advisory 2014-02: PowerDNS Recursor 3.6.1 and earlier can be made to provide bad service\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH\n#\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112377\");\n script_version(\"2020-03-11T09:57:55+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-11 09:57:55 +0000 (Wed, 11 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-09-12 17:43:21 +0200 (Wed, 12 Sep 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2014-8601\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"PowerDNS Security Advisory 2014-02: PowerDNS Recursor 3.6.1 and earlier can be made to provide bad service\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"pdns_version.nasl\");\n script_mandatory_keys(\"powerdns/recursor/installed\");\n\n script_tag(name:\"summary\", value:'PowerDNS Recursor before 3.6.2 does not limit delegation chaining,\n which allows remote attackers to cause a denial of service (\"performance degradations\") via a large\n or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.');\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"PowerDNS Recursor before version 3.6.2.\");\n\n script_tag(name:\"solution\", value:\"Update PowerDNS Recursor to version 3.6.2.\");\n\n script_xref(name:\"URL\", value:\"https://doc.powerdns.com/md/security/powerdns-advisory-2014-02/\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nCPE = \"cpe:/a:powerdns:recursor\";\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_proto( cpe:CPE, port:port ) )\n exit( 0 );\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif( version_is_less( version:version, test_version:\"3.6.2\" ) ) {\n report = report_fixed_ver( installed_version:version, fixed_version:\"3.6.2\" );\n security_message( data:report, port:port, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:13", "description": "Florian Maury from ANSSI discovered a\nflaw in pdns-recursor, a recursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.", "cvss3": {}, "published": "2014-12-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3096-1 (pdns-recursor - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8601"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703096", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703096", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3096.nasl 14277 2019-03-18 14:45:38Z cfischer $\n# Auto-generated from advisory DSA 3096-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703096\");\n script_version(\"$Revision: 14277 $\");\n script_cve_id(\"CVE-2014-8601\");\n script_name(\"Debian Security Advisory DSA 3096-1 (pdns-recursor - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:45:38 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-11 00:00:00 +0100 (Thu, 11 Dec 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-3096.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"pdns-recursor on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy),\nthis problem has been fixed in version 3.3-3+deb7u1.\n\nFor the upcoming stable distribution (jessie) and unstable\ndistribution (sid), this problem has been fixed in version 3.6.2-1.\n\nWe recommend that you upgrade your pdns-recursor packages.\");\n script_tag(name:\"summary\", value:\"Florian Maury from ANSSI discovered a\nflaw in pdns-recursor, a recursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.3-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"pdns-recursor-dbg\", ver:\"3.3-3+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-03-20T16:42:31", "description": "Florian Maury from ANSSI discovered a\nflaw in pdns-recursor, a recursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.", "cvss3": {}, "published": "2014-12-11T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3096-1 (pdns-recursor - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8601"], "modified": "2018-03-19T00:00:00", "id": "OPENVAS:703096", "href": "http://plugins.openvas.org/nasl.php?oid=703096", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3096.nasl 9136 2018-03-19 13:08:02Z cfischer $\n# Auto-generated from advisory DSA 3096-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703096);\n script_version(\"$Revision: 9136 $\");\n script_cve_id(\"CVE-2014-8601\");\n script_name(\"Debian Security Advisory DSA 3096-1 (pdns-recursor - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-03-19 14:08:02 +0100 (Mon, 19 Mar 2018) $\");\n script_tag(name: \"creation_date\", value: \"2014-12-11 00:00:00 +0100 (Thu, 11 Dec 2014)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3096.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"pdns-recursor on Debian Linux\");\n script_tag(name: \"insight\", value: \"PowerDNS is a versatile nameserver\nwhich supports a large number of different backends ranging from simple zonefiles\nto relational databases and load balancing/failover algorithms.\nPowerDNS tries to emphasize speed and security.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthis problem has been fixed in version 3.3-3+deb7u1.\n\nFor the upcoming stable distribution (jessie) and unstable\ndistribution (sid), this problem has been fixed in version 3.6.2-1.\n\nWe recommend that you upgrade your pdns-recursor packages.\");\n script_tag(name: \"summary\", value: \"Florian Maury from ANSSI discovered a\nflaw in pdns-recursor, a recursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.3-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pdns-recursor-dbg\", ver:\"3.3-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2023-01-18T14:41:46", "description": "The remote host is affected by the vulnerability described in GLSA-201412-33 (PowerDNS Recursor: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PowerDNS Recursor.\n Please review the CVE identifiers and PowerDNS blog post referenced below for details.\n Impact :\n\n A remote attacker may be able to send specially crafted packets, possibly resulting in arbitrary code execution or a Denial of Service condition. Furthermore, a remote attacker may be able to spoof DNS data.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2014-12-23T00:00:00", "type": "nessus", "title": "GLSA-201412-33 : PowerDNS Recursor: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010", "CVE-2012-1193", "CVE-2014-8601"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:pdns-recursor", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-33.NASL", "href": "https://www.tenable.com/plugins/nessus/80210", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-33.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80210);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\", \"CVE-2012-1193\", \"CVE-2014-8601\");\n script_bugtraq_id(37650, 37653, 59348, 71545);\n script_xref(name:\"GLSA\", value:\"201412-33\");\n\n script_name(english:\"GLSA-201412-33 : PowerDNS Recursor: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-33\n(PowerDNS Recursor: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PowerDNS Recursor.\n Please review the CVE identifiers and PowerDNS blog post referenced below\n for details.\n \nImpact :\n\n A remote attacker may be able to send specially crafted packets,\n possibly resulting in arbitrary code execution or a Denial of Service\n condition. Furthermore, a remote attacker may be able to spoof DNS data.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e0bd75f6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-33\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PowerDNS Recursor users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/pdns-recursor-3.6.1-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-dns/pdns-recursor\", unaffected:make_list(\"ge 3.6.1-r1\"), vulnerable:make_list(\"lt 3.6.1-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PowerDNS Recursor\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:56:15", "description": "PowerDNS Security Advisory reports :\n\nPowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited.\n\nPowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data", "cvss3": {}, "published": "2010-01-11T00:00:00", "type": "nessus", "title": "FreeBSD : powerdns-recursor -- multiple vulnerabilities (dd8f2394-fd08-11de-b425-00215c6a37bb)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:powerdns-recursor", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_DD8F2394FD0811DEB42500215C6A37BB.NASL", "href": "https://www.tenable.com/plugins/nessus/43847", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43847);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n\n script_name(english:\"FreeBSD : powerdns-recursor -- multiple vulnerabilities (dd8f2394-fd08-11de-b425-00215c6a37bb)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PowerDNS Security Advisory reports :\n\nPowerDNS Recursor up to and including 3.1.7.1 can be brought down and\nprobably exploited.\n\nPowerDNS Recursor up to and including 3.1.7.1 can be spoofed into\naccepting bogus data\"\n );\n # https://vuxml.freebsd.org/freebsd/dd8f2394-fd08-11de-b425-00215c6a37bb.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e35d7f85\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:powerdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"powerdns-recursor<3.1.7.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:59:58", "description": "This update of pdns-rucursor improves the packet parsing code to fix a possible DNS spoofing vulnerability (CVE-2009-4010) and a remote buffer overflow that could give the ability to execute arbitrary code (CVE-2009-4009).", "cvss3": {}, "published": "2010-02-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : pdns-recursor (pdns-recursor-1945)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:pdns-recursor", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_PDNS-RECURSOR-100209.NASL", "href": "https://www.tenable.com/plugins/nessus/44610", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update pdns-recursor-1945.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44610);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n\n script_name(english:\"openSUSE Security Update : pdns-recursor (pdns-recursor-1945)\");\n script_summary(english:\"Check for the pdns-recursor-1945 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of pdns-rucursor improves the packet parsing code to fix a\npossible DNS spoofing vulnerability (CVE-2009-4010) and a remote\nbuffer overflow that could give the ability to execute arbitrary code\n(CVE-2009-4009).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=567990\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"pdns-recursor-3.1.5-14.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:02:04", "description": "Update to upstream version 3.1.7.2.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-02-25T00:00:00", "type": "nessus", "title": "Fedora 11 : pdns-recursor-3.1.7.2-1.fc11 (2010-0209)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pdns-recursor", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2010-0209.NASL", "href": "https://www.tenable.com/plugins/nessus/44885", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-0209.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44885);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n script_xref(name:\"FEDORA\", value:\"2010-0209\");\n\n script_name(english:\"Fedora 11 : pdns-recursor-3.1.7.2-1.fc11 (2010-0209)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 3.1.7.2.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=552285\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-January/033540.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?edf3727e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"pdns-recursor-3.1.7.2-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:30:31", "description": "According to its self-reported version number, the version of the PowerDNS Recursor listening on the remote host is version 3.x prior to 3.1.7.2. It is, therefore, affected by multiple vulnerabilities :\n\n - A buffer overflow condition exists that allows a remote \tattacker, via crafted packets, to cause a daemon crash, \tresulting in a denial of service condition.\n \t(CVE-2009-4009)\n\n - An unspecified flaw exists that allows a remote attacker \tto spoof DNS data via crafted zones. (CVE-2009-4010)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2016-01-15T00:00:00", "type": "nessus", "title": "PowerDNS Recursor 3.x < 3.1.7.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2018-07-26T00:00:00", "cpe": ["cpe:/a:powerdns:powerdns", "cpe:/a:powerdns:recursor"], "id": "POWERDNS_RECURSOR_3_1_7_2.NASL", "href": "https://www.tenable.com/plugins/nessus/87950", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87950);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/26 13:32:42\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n\n script_name(english:\"PowerDNS Recursor 3.x < 3.1.7.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the PowerDNS Recursor version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the version of the\nPowerDNS Recursor listening on the remote host is version 3.x prior to\n3.1.7.2. It is, therefore, affected by multiple vulnerabilities :\n\n - A buffer overflow condition exists that allows a remote\n \tattacker, via crafted packets, to cause a daemon crash,\n \tresulting in a denial of service condition.\n \t(CVE-2009-4009)\n\n - An unspecified flaw exists that allows a remote attacker\n \tto spoof DNS data via crafted zones. (CVE-2009-4010)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://doc.powerdns.com/md/security/powerdns-advisory-2010-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://doc.powerdns.com/md/security/powerdns-advisory-2010-02/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PowerDNS Recursor 3.1.7.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2010/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2010/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/15\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:powerdns:powerdns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:powerdns:recursor\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n script_dependencies(\"pdns_version.nasl\");\n script_require_keys(\"pdns/version\", \"pdns/version_full\", \"pdns/version_source\", \"pdns/type\", \"Settings/ParanoidReport\");\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"PowerDNS Recursor\";\nversion_source = get_kb_item_or_exit(\"pdns/version_source\");\nversion_full = get_kb_item_or_exit(\"pdns/version_full\");\nversion = get_kb_item_or_exit(\"pdns/version\");\n\nfix = '3.1.7.2';\nport = 53;\n\n# Only the Recursor is affected\ntype = get_kb_item_or_exit(\"pdns/type\");\nif (type != 'recursor') audit(AUDIT_NOT_LISTEN, app_name, port, \"UDP\");\n\nif (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_APP_VER, app_name);\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (version !~ \"^3\\.\" || (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0))\n audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version_full, \"UDP\");\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + version_source +\n '\\n Installed version : ' + version_full +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:port, proto:\"udp\", extra:report);\n}\nelse security_hole(port:port, proto:\"udp\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:00:37", "description": "This update of pdns-rucursor improves the packet parsing code to fix a possible DNS spoofing vulnerability (CVE-2009-4010) and a remote buffer overflow that could give the ability to execute arbitrary code (CVE-2009-4009).", "cvss3": {}, "published": "2010-02-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : pdns-recursor (pdns-recursor-1945)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:pdns-recursor", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_PDNS-RECURSOR-100209.NASL", "href": "https://www.tenable.com/plugins/nessus/44619", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update pdns-recursor-1945.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44619);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n\n script_name(english:\"openSUSE Security Update : pdns-recursor (pdns-recursor-1945)\");\n script_summary(english:\"Check for the pdns-recursor-1945 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of pdns-rucursor improves the packet parsing code to fix a\npossible DNS spoofing vulnerability (CVE-2009-4010) and a remote\nbuffer overflow that could give the ability to execute arbitrary code\n(CVE-2009-4009).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=567990\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"pdns-recursor-3.1.7-8.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:00:43", "description": "This update of pdns-rucursor improves the packet parsing code to fix a possible DNS spoofing vulnerability (CVE-2009-4010) and a remote buffer overflow that could give the ability to execute arbitrary code (CVE-2009-4009).", "cvss3": {}, "published": "2010-02-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : pdns-recursor (pdns-recursor-1945)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:pdns-recursor", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_PDNS-RECURSOR-100209.NASL", "href": "https://www.tenable.com/plugins/nessus/44615", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update pdns-recursor-1945.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44615);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n\n script_name(english:\"openSUSE Security Update : pdns-recursor (pdns-recursor-1945)\");\n script_summary(english:\"Check for the pdns-recursor-1945 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of pdns-rucursor improves the packet parsing code to fix a\npossible DNS spoofing vulnerability (CVE-2009-4010) and a remote\nbuffer overflow that could give the ability to execute arbitrary code\n(CVE-2009-4009).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=567990\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"pdns-recursor-3.1.7-6.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:00:47", "description": "Update to upstream version 3.1.7.2.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-02-25T00:00:00", "type": "nessus", "title": "Fedora 12 : pdns-recursor-3.1.7.2-1.fc12 (2010-0228)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pdns-recursor", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-0228.NASL", "href": "https://www.tenable.com/plugins/nessus/44888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-0228.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44888);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n script_xref(name:\"FEDORA\", value:\"2010-0228\");\n\n script_name(english:\"Fedora 12 : pdns-recursor-3.1.7.2-1.fc12 (2010-0228)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 3.1.7.2.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=552285\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-January/033551.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?599853eb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"pdns-recursor-3.1.7.2-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:01:53", "description": "It was discovered that pdns-recursor, the PowerDNS recursive name server, contains several vulnerabilities :\n\n - CVE-2009-4009 A buffer overflow can be exploited to crash the daemon, or potentially execute arbitrary code.\n\n - CVE-2009-4010 A cache poisoning vulnerability may allow attackers to trick the server into serving incorrect DNS data.", "cvss3": {}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1968-1 : pdns-recursor - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:pdns-recursor", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1968.NASL", "href": "https://www.tenable.com/plugins/nessus/44833", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1968. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44833);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n script_xref(name:\"DSA\", value:\"1968\");\n\n script_name(english:\"Debian DSA-1968-1 : pdns-recursor - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities :\n\n - CVE-2009-4009\n A buffer overflow can be exploited to crash the daemon,\n or potentially execute arbitrary code.\n\n - CVE-2009-4010\n A cache poisoning vulnerability may allow attackers to\n trick the server into serving incorrect DNS data.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-1968\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the pdns-recursor package.\n\nFor the oldstable distribution (etch), fixed packages will be provided\nsoon.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"pdns-recursor\", reference:\"3.1.7-1+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:50:02", "description": "According to its self-reported version number, the version of the PowerDNS Recursor service listening on the remote host is 3.3.x, 3.4.x, or 3.5 RC1. It is, therefore, affected by a ghost domain names vulnerability in the resolver service due to overwriting cached name servers and TTL values in NS records when processing a response of an A record query. A remote attacker can exploit this to resume the resolving of revoked domain names.\n\nNote that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2013-07-25T00:00:00", "type": "nessus", "title": "PowerDNS Recursor 3.3.x / 3.4.x / 3.5 RC1 Cache Update Policy Deleted Domain Name Resolving Weakness", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1193"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/a:powerdns:powerdns", "cpe:/a:powerdns:recursor"], "id": "POWERDNS_3_5_0.NASL", "href": "https://www.tenable.com/plugins/nessus/69429", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69429);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/25 18:58:03\");\n\n script_cve_id(\"CVE-2012-1193\");\n script_bugtraq_id(59348);\n\n script_name(english:\"PowerDNS Recursor 3.3.x / 3.4.x / 3.5 RC1 Cache Update Policy Deleted Domain Name Resolving Weakness\");\n script_summary(english:\"Checks the version of PowerDNS Recursor.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is affected by a ghost domain names\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the version of the\nPowerDNS Recursor service listening on the remote host is 3.3.x,\n3.4.x, or 3.5 RC1. It is, therefore, affected by a ghost domain names\nvulnerability in the resolver service due to overwriting cached name\nservers and TTL values in NS records when processing a response of an\nA record query. A remote attacker can exploit this to resume the\nresolving of revoked domain names.\n\nNote that Nessus has not attempted to exploit this issue but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/PowerDNS/pdns/issues/668\");\n script_set_attribute(attribute:\"see_also\", value:\"https://doc.powerdns.com/md/changelog/#powerdns-recursor-version-35\");\n # https://github.com/PowerDNS/pdns/commit/fc202159bba4df949c41da6b85a2f33138d27167\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?70bb6cb5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PowerDNS Recursor 3.5.0 or later. Alternatively, apply the\npatch referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/25\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:powerdns:powerdns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:powerdns:recursor\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"DNS\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencie(\"pdns_version.nasl\");\n script_require_keys(\"pdns/version\", \"pdns/version_full\", \"pdns/version_source\", \"pdns/type\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"PowerDNS Recursor\";\nversion_source = get_kb_item_or_exit(\"pdns/version_source\");\nversion_full = get_kb_item_or_exit(\"pdns/version_full\");\nversion = get_kb_item_or_exit(\"pdns/version\");\n\nfix = '3.5.0';\nport = 53;\n\n# Only the Recursor is affected\ntype = get_kb_item_or_exit(\"pdns/type\");\nif (type != 'recursor') audit(AUDIT_NOT_LISTEN, app_name, port, \"UDP\");\n\nif (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_APP_VER, app_name);\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n\nif (version !~ \"^3\\.[34]([^0-9]|$)\" && version_full !~ \"^3\\.5(\\.0)?-RC1([^0-9]|$)\")\n audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version_full, \"UDP\");\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + version_source +\n '\\n Installed version : ' + version_full +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_warning(port:port, proto:\"udp\", extra:report);\n}\nelse security_warning(port:port, proto:\"udp\");\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:30", "description": "- Update to 3.5\n\n - This is a stability, security and bugfix update to 3.3\n\n - Disarm dead code that causes gcc crashes on ARM (rhbz#954192)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-05-01T00:00:00", "type": "nessus", "title": "Fedora 18 : pdns-recursor-3.5-2.fc18 (2013-6279)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1193"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pdns-recursor", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-6279.NASL", "href": "https://www.tenable.com/plugins/nessus/66282", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-6279.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66282);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1193\");\n script_bugtraq_id(59348);\n script_xref(name:\"FEDORA\", value:\"2013-6279\");\n\n script_name(english:\"Fedora 18 : pdns-recursor-3.5-2.fc18 (2013-6279)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 3.5\n\n - This is a stability, security and bugfix update to 3.3\n\n - Disarm dead code that causes gcc crashes on ARM\n (rhbz#954192)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=794963\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-May/104177.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dc7d77a4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"pdns-recursor-3.5-2.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:22", "description": "- Update to 3.5\n\n - This is a stability, security and bugfix update to 3.3\n\n - Disarm dead code that causes gcc crashes on ARM (rhbz#954192)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-05-01T00:00:00", "type": "nessus", "title": "Fedora 17 : pdns-recursor-3.5-2.fc17 (2013-6316)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1193"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pdns-recursor", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-6316.NASL", "href": "https://www.tenable.com/plugins/nessus/66283", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-6316.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66283);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1193\");\n script_bugtraq_id(59348);\n script_xref(name:\"FEDORA\", value:\"2013-6316\");\n\n script_name(english:\"Fedora 17 : pdns-recursor-3.5-2.fc17 (2013-6316)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 3.5\n\n - This is a stability, security and bugfix update to 3.3\n\n - Disarm dead code that causes gcc crashes on ARM\n (rhbz#954192)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=794963\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-May/104173.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3efe6a4e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"pdns-recursor-3.5-2.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:23", "description": "- Update to 3.5\n\n - This is a stability, security and bugfix update to 3.3\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-04-22T00:00:00", "type": "nessus", "title": "Fedora 19 : pdns-recursor-3.5-1.fc19 (2013-5692)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1193"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pdns-recursor", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2013-5692.NASL", "href": "https://www.tenable.com/plugins/nessus/66166", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-5692.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66166);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-1193\");\n script_xref(name:\"FEDORA\", value:\"2013-5692\");\n\n script_name(english:\"Fedora 19 : pdns-recursor-3.5-1.fc19 (2013-5692)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to 3.5\n\n - This is a stability, security and bugfix update to 3.3\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=794963\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/102729.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?897ac89c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"pdns-recursor-3.5-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:29", "description": "Florian Maury from ANSSI discovered a flaw in pdns-recursor, a recursive DNS server : a remote attacker controlling maliciously-constructed zones or a rogue server could affect the performance of pdns-recursor, thus leading to resource exhaustion and a potential denial of service.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-03-26T00:00:00", "type": "nessus", "title": "Debian DLA-104-1 : pdns-recursor security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:pdns-recursor", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-104.NASL", "href": "https://www.tenable.com/plugins/nessus/82088", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-104-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82088);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-8601\");\n script_bugtraq_id(71545);\n\n script_name(english:\"Debian DLA-104-1 : pdns-recursor security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Florian Maury from ANSSI discovered a flaw in pdns-recursor, a\nrecursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial of service.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/12/msg00007.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/pdns-recursor\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"pdns-recursor\", reference:\"3.2-4+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T16:29:50", "description": "According to its self-reported version number, the version of the PowerDNS Recursor listening on the remote host is version 3.x prior to 3.6.2. It is, therefore, affected by a denial of service vulnerability due to the lack of limiting delegation chaining. A remote attacker can exploit this vulnerability, via a large or infinite number of referrals, to cause resource exhaustion, resulting in a denial of service condition.\n\nNote that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.\nAlso, Nessus has not checked for the presence of the patch.", "cvss3": {}, "published": "2016-01-15T00:00:00", "type": "nessus", "title": "PowerDNS Recursor 3.x < 3.6.2 Recursive Referral Handling DoS", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:powerdns:powerdns", "cpe:/a:powerdns:recursor"], "id": "POWERDNS_RECURSOR_3_6_2.NASL", "href": "https://www.tenable.com/plugins/nessus/87951", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87951);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/15 20:50:21\");\n\n script_cve_id(\"CVE-2014-8601\");\n script_bugtraq_id(71545);\n script_xref(name:\"CERT\", value:\"264212\");\n\n script_name(english:\"PowerDNS Recursor 3.x < 3.6.2 Recursive Referral Handling DoS\");\n script_summary(english:\"Checks the PowerDNS Recursor version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the version of the\nPowerDNS Recursor listening on the remote host is version 3.x prior to\n3.6.2. It is, therefore, affected by a denial of service vulnerability\ndue to the lack of limiting delegation chaining. A remote attacker can\nexploit this vulnerability, via a large or infinite number of\nreferrals, to cause resource exhaustion, resulting in a denial of\nservice condition.\n\nNote that Nessus has not attempted to exploit this issue but has\ninstead relied only on the application's self-reported version number.\nAlso, Nessus has not checked for the presence of the patch.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://doc.powerdns.com/md/security/powerdns-advisory-2014-02/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.kb.cert.org/vuls/id/264212/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PowerDNS Recursor 3.6.2 or later. Alternatively, apply the\npatch referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2014/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2014/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/15\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:powerdns:powerdns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:powerdns:recursor\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n script_dependencies(\"pdns_version.nasl\");\n script_require_keys(\"pdns/version\", \"pdns/version_full\", \"pdns/version_source\", \"pdns/type\", \"Settings/ParanoidReport\");\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"PowerDNS Recursor\";\nversion_source = get_kb_item_or_exit(\"pdns/version_source\");\nversion_full = get_kb_item_or_exit(\"pdns/version_full\");\nversion = get_kb_item_or_exit(\"pdns/version\");\n\nfix = '3.6.2';\nport = 53;\n\n# Only the Recursor is affected\ntype = get_kb_item_or_exit(\"pdns/type\");\nif (type != 'recursor') audit(AUDIT_NOT_LISTEN, app_name, port, \"UDP\");\n\nif (version !~ \"^3\\.\" || (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0))\n audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version_full, \"UDP\");\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + version_source +\n '\\n Installed version : ' + version_full +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_warning(port:port, proto:\"udp\", extra:report);\n}\nelse security_warning(port:port, proto:\"udp\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:41:47", "description": "This pdns-recursor version update fixes the following security issue and non secuirty issues.\n\nUpdate to upstream release 3.6.2.\n\n - boo#906583: Degraded service through queries to queries to specific domains (CVE-2014-8601)\n\n - Fixed broken _localstatedir\n\nUpdate to upstream release 3.6.1.\n\n - gab14b4f: expedite servfail generation for ezdns-like failures (fully abort query resolving if we hit more than 50 outqueries)\n\n - g42025be: PowerDNS now polls the security status of a release at startup and periodically. More detail on this feature, and how to turn it off, can be found in Section 2, 'Security polling'.\n\n - g5027429: We did not transmit the right 'local' socket address to Lua for TCP/IP queries in the recursor. In addition, we would attempt to lookup a filedescriptor that wasn't there in an unlocked map which could conceivably lead to crashes. Closes t1828, thanks Winfried for reporting\n\n - g752756c: Sync embedded yahttp copy. API: Replace HTTP Basic auth with static key in custom header\n\n - g6fdd40d: add missing #include <pthread.h> to rec-channel.hh (this fixes building on OS X).\n\n - sync permissions/ownership of home and config dir with the pdns package\n\n - added systemd support for 12.3 and newer\n\nUpdate to upstrean release 3.5.3.\n\n - This is a bugfix and performance update to 3.5.2. It brings serious performance improvements for dual stack users. For all the details see http://doc.powerdns.com/html/changelog.html#changelog-re cursor-3.5.3\n\n - Remove patch (pdns-recursor-3.3_config.patch)\n\n - Add patch (pdns-recursor-3.5.3_config.patch)\n\nUpdate to upstrean release 3.5.2.\n\n - Responses without the QR bit set now get matched up to an outstanding query, so that resolution can be aborted early instead of waiting for a timeout.\n\n - The depth limiter changes in 3.5.1 broke some legal domains with lots of indirection.\n\n - Slightly improved logging to aid debugging.\n\nUpdate to upstream version 3.5.1.\n\n - This is a stability and bugfix update to 3.5. It contains important fixes that improve operation for certain domains. This is a stability, security and bugfix update to 3.3/3.3.1. It contains important fixes for slightly broken domain names, which your users expect to work anyhow. For all details see http://doc.powerdns.com/html/changelog.html#changelog-re cursor-3.5.1\n\n - adapted patches: pdns-rec-lua52.patch pdns-recursor-3.5.1_config.patch\n\n - fixed conditional for different lua versions\n\n - started some basic support to build packages for non suse distros", "cvss3": {}, "published": "2014-12-23T00:00:00", "type": "nessus", "title": "openSUSE Security Update : pdns-recursor (openSUSE-SU-2014:1685-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:pdns-recursor", "p-cpe:/a:novell:opensuse:pdns-recursor-debuginfo", "p-cpe:/a:novell:opensuse:pdns-recursor-debugsource", "cpe:/o:novell:opensuse:12.3", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-798.NASL", "href": "https://www.tenable.com/plugins/nessus/80211", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-798.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80211);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-8601\");\n\n script_name(english:\"openSUSE Security Update : pdns-recursor (openSUSE-SU-2014:1685-1)\");\n script_summary(english:\"Check for the openSUSE-2014-798 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This pdns-recursor version update fixes the following security issue\nand non secuirty issues.\n\nUpdate to upstream release 3.6.2.\n\n - boo#906583: Degraded service through queries to queries\n to specific domains (CVE-2014-8601)\n\n - Fixed broken _localstatedir\n\nUpdate to upstream release 3.6.1.\n\n - gab14b4f: expedite servfail generation for ezdns-like\n failures (fully abort query resolving if we hit more\n than 50 outqueries)\n\n - g42025be: PowerDNS now polls the security status of a\n release at startup and periodically. More detail on this\n feature, and how to turn it off, can be found in Section\n 2, 'Security polling'.\n\n - g5027429: We did not transmit the right 'local' socket\n address to Lua for TCP/IP queries in the recursor. In\n addition, we would attempt to lookup a filedescriptor\n that wasn't there in an unlocked map which could\n conceivably lead to crashes. Closes t1828, thanks\n Winfried for reporting\n\n - g752756c: Sync embedded yahttp copy. API: Replace HTTP\n Basic auth with static key in custom header\n\n - g6fdd40d: add missing #include <pthread.h> to\n rec-channel.hh (this fixes building on OS X).\n\n - sync permissions/ownership of home and config dir with\n the pdns package\n\n - added systemd support for 12.3 and newer\n\nUpdate to upstrean release 3.5.3.\n\n - This is a bugfix and performance update to 3.5.2. It\n brings serious performance improvements for dual stack\n users. For all the details see\n http://doc.powerdns.com/html/changelog.html#changelog-re\n cursor-3.5.3\n\n - Remove patch (pdns-recursor-3.3_config.patch)\n\n - Add patch (pdns-recursor-3.5.3_config.patch)\n\nUpdate to upstrean release 3.5.2.\n\n - Responses without the QR bit set now get matched up to\n an outstanding query, so that resolution can be aborted\n early instead of waiting for a timeout.\n\n - The depth limiter changes in 3.5.1 broke some legal\n domains with lots of indirection.\n\n - Slightly improved logging to aid debugging.\n\nUpdate to upstream version 3.5.1.\n\n - This is a stability and bugfix update to 3.5. It\n contains important fixes that improve operation for\n certain domains. This is a stability, security and\n bugfix update to 3.3/3.3.1. It contains important fixes\n for slightly broken domain names, which your users\n expect to work anyhow. For all details see\n http://doc.powerdns.com/html/changelog.html#changelog-re\n cursor-3.5.1\n\n - adapted patches: pdns-rec-lua52.patch\n pdns-recursor-3.5.1_config.patch\n\n - fixed conditional for different lua versions\n\n - started some basic support to build packages for non\n suse distros\"\n );\n # http://doc.powerdns.com/html/changelog.html#changelog-recursor-3.5.1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://doc.powerdns.com/md/changelog/#changelog-recursor-3.5.1\"\n );\n # http://doc.powerdns.com/html/changelog.html#changelog-recursor-3.5.3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://doc.powerdns.com/md/changelog/#changelog-recursor-3.5.3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=906583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-12/msg00084.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pdns-recursor-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pdns-recursor-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"pdns-recursor-3.6.2-6.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"pdns-recursor-debuginfo-3.6.2-6.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"pdns-recursor-debugsource-3.6.2-6.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pdns-recursor-3.6.2-8.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pdns-recursor-debuginfo-3.6.2-8.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pdns-recursor-debugsource-3.6.2-8.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor / pdns-recursor-debuginfo / pdns-recursor-debugsource\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:42:19", "description": "Florian Maury from ANSSI discovered a flaw in pdns-recursor, a recursive DNS server : a remote attacker controlling maliciously-constructed zones or a rogue server could affect the performance of pdns-recursor, thus leading to resource exhaustion and a potential denial-of-service.", "cvss3": {}, "published": "2014-12-15T00:00:00", "type": "nessus", "title": "Debian DSA-3096-1 : pdns-recursor - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:pdns-recursor", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3096.NASL", "href": "https://www.tenable.com/plugins/nessus/79883", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3096. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79883);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-8601\");\n script_bugtraq_id(71545);\n script_xref(name:\"DSA\", value:\"3096\");\n\n script_name(english:\"Debian DSA-3096-1 : pdns-recursor - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Florian Maury from ANSSI discovered a flaw in pdns-recursor, a\nrecursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/pdns-recursor\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3096\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the pdns-recursor packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.3-3+deb7u1.\n\nFor the upcoming stable distribution (jessie) and unstable\ndistribution (sid), this problem has been fixed in version 3.6.2-1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"pdns-recursor\", reference:\"3.3-3+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"pdns-recursor-dbg\", reference:\"3.3-3+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2023-01-05T06:38:47", "description": "Gerfried Fuchs uploaded new packages for pdns-recursor which fixed the\nfollowing security problems:\n\nCVE-2009-4009\n\n A buffer overflow can be exploited to crash the daemon, or potentially\n execute arbitrary code.\n\nCVE-2009-4010\n\n A cache poisoning vulnerability may allow attackers to trick the\n server into serving incorrect DNS data.\n\nFor the etch-backports distribution the problems have been fixed in\nversion 3.1.7-1+lenny1~bpo40+1.\n\nFor the sid distribution the problems have been fixed in version\n3.1.7.2-1.\n\n\nUpgrade instructions\n--------------------\n\nIf you don't use pinning (see [1]) you have to update the packages\nmanually via "apt-get -t lenny-backports install <packagelist>" with the\npackagelist of your installed packages affected by this update.\n[1] <http://backports.org/dokuwiki/doku.php?id=instructions>\n\nWe recommend to pin the backports repository to 200 so that new versions\nof installed backports will be installed automatically:\n\n Package: *\n Pin: release a=etch-backports\n Pin-Priority: 200\nAttachment:\nsignature.asc\nDescription: Digital signature\n", "cvss3": {}, "published": "2010-01-09T12:01:22", "type": "debian", "title": "[Backports-security-announce] Security Update for pdns-recursor", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-09T12:01:22", "id": "DEBIAN:9C9492C0CBFF271A623652456FB38237:CD6ED", "href": "https://lists.debian.org/debian-backports-announce/2010/01/msg00000.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:17", "description": "Gerfried Fuchs uploaded new packages for pdns-recursor which fixed the\nfollowing security problems:\n\nCVE-2009-4009\n\n A buffer overflow can be exploited to crash the daemon, or potentially\n execute arbitrary code.\n\nCVE-2009-4010\n\n A cache poisoning vulnerability may allow attackers to trick the\n server into serving incorrect DNS data.\n\nFor the etch-backports distribution the problems have been fixed in\nversion 3.1.7-1+lenny1~bpo40+1.\n\nFor the sid distribution the problems have been fixed in version\n3.1.7.2-1.\n\n\nUpgrade instructions\n--------------------\n\nIf you don't use pinning (see [1]) you have to update the packages\nmanually via "apt-get -t lenny-backports install <packagelist>" with the\npackagelist of your installed packages affected by this update.\n[1] <http://backports.org/dokuwiki/doku.php?id=instructions>\n\nWe recommend to pin the backports repository to 200 so that new versions\nof installed backports will be installed automatically:\n\n Package: *\n Pin: release a=etch-backports\n Pin-Priority: 200\n", "cvss3": {}, "published": "2010-01-09T12:36:38", "type": "debian", "title": "[Backports-security-announce] Security Update for pdns-recursor", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2010-01-09T12:36:38", "id": "DEBIAN:5046C34B6483326B151248BE8176C7E6:CD6ED", "href": "https://lists.debian.org/debian-backports-announce/2010/debian-backports-announce-201001/msg00000.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-21T03:02:55", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1968-2 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 28, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : pdns-recursor\nVulnerability : DNS cache poisoning\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-4010\n\nIt was discovered that pdns-recursor, the PowerDNS recursive name server,\ncontains a cache poisoning vulnerability which may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nThis DSA provides a security update for the old stable distribution\n(etch), similar to the previous update in DSA-1968-1. (Note that the\netch version of pdns-recursor was not vulnerable to CVE-2009-4009.)\n\nExtra care should be applied when installing this update. It is an etch\nbackport of the lenny version of the package (3.1.7 with security fixes\napplied). Major differences in internal domain name processing made\nbackporting just the security fix too difficult.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 3.1.4+v3.1.7-0+etch1.\n\nWe recommend that you upgrade your pdns-recursor package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7.orig.tar.gz\n Size/MD5 checksum: 211760 38c58fef666685d6756da97baf9b4d51\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1.diff.gz\n Size/MD5 checksum: 14100 3872ac93703320db9257d421d011af66\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1.dsc\n Size/MD5 checksum: 1227 b0ce0cdfa67a7759ec5f43dfe95b733e\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_alpha.deb\n Size/MD5 checksum: 580492 ae99c07e883f297f2f8cc1cef72a15c4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_amd64.deb\n Size/MD5 checksum: 486532 2b77a01f8594031e7fbb7b26d85e8bf8\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_i386.deb\n Size/MD5 checksum: 506954 0fc7f125b55dddf38779a266a2a01e35\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_ia64.deb\n Size/MD5 checksum: 693478 117be1c8613bd0dc35e3303f15ced0d0\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_powerpc.deb\n Size/MD5 checksum: 502984 ac3fa49c7889903425032190e514de31\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_s390.deb\n Size/MD5 checksum: 472764 db2847b3a85417f380183dbd23007687\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2010-01-28T21:05:39", "type": "debian", "title": "[SECURITY] [DSA 1968-2] New pdns-recursor packages fix cache poisoning", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-28T21:05:39", "id": "DEBIAN:DSA-1968-2:D18EC", "href": "https://lists.debian.org/debian-security-announce/2010/msg00019.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T00:45:25", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1968-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 08, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : pdns-recursor\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-4009 CVE-2009-4010\n\nIt was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code (CVE-2009-4009).\n\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nFor the old stable distribution (etch), fixed packages will be\nprovided soon.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\nWe recommend that you upgrade your pdns-recursor package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7.orig.tar.gz\n Size/MD5 checksum: 211760 38c58fef666685d6756da97baf9b4d51\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.dsc\n Size/MD5 checksum: 1654 fff9beb43eec355ca42d93d53c1ce299\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.diff.gz\n Size/MD5 checksum: 14769 8794fecd11f1b014592e2a36d40aaaf6\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_alpha.deb\n Size/MD5 checksum: 545726 dc05fab76c0fcb051b9a428cfa126061\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_amd64.deb\n Size/MD5 checksum: 440822 365fc4da2fd1770f8e62f1a3a0046231\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_i386.deb\n Size/MD5 checksum: 440686 ac26d27658892619ce539921796bce67\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_ia64.deb\n Size/MD5 checksum: 631308 f80c2d28ee6d9ebdbf6cad177c8fbddd\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_powerpc.deb\n Size/MD5 checksum: 463434 f0bba833d4231bb2237433373e888a12\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_s390.deb\n Size/MD5 checksum: 428138 994a5190fa0f73b49252bee0a695fb4d\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2010-01-08T21:46:14", "type": "debian", "title": "[SECURITY] [DSA 1968-1] New pdns-recursor packages fix potential code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-08T21:46:14", "id": "DEBIAN:DSA-1968-1:B8A8D", "href": "https://lists.debian.org/debian-security-announce/2010/msg00003.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T23:00:29", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3096-1 security@debian.org\nhttp://www.debian.org/security/ Sebastien Delafond\nDecember 11, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : pdns-recursor\nCVE ID : CVE-2014-8601\n\nFlorian Maury from ANSSI discovered a flaw in pdns-recursor, a\nrecursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.3-3+deb7u1.\n\nFor the upcoming stable distribution (jessie) and unstable\ndistribution (sid), this problem has been fixed in version 3.6.2-1.\n\nWe recommend that you upgrade your pdns-recursor packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-12-11T09:19:40", "type": "debian", "title": "[SECURITY] [DSA 3096-1] pdns-recursor security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-11T09:19:40", "id": "DEBIAN:DSA-3096-1:496CC", "href": "https://lists.debian.org/debian-security-announce/2014/msg00287.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-23T22:34:01", "description": "Package : pdns-recursor\nVersion : 3.2-4+deb6u1\nCVE ID : CVE-2014-8601\n\nFlorian Maury from ANSSI discovered a flaw in pdns-recursor, a\nrecursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.", "cvss3": {}, "published": "2014-12-11T21:22:39", "type": "debian", "title": "[SECURITY] [DLA 104-1] pdns-recursor security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-11T21:22:39", "id": "DEBIAN:DLA-104-1:49028", "href": "https://lists.debian.org/debian-lts-announce/2014/12/msg00007.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-08T23:43:21", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3096-1 security@debian.org\nhttp://www.debian.org/security/ Sebastien Delafond\nDecember 11, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : pdns-recursor\nCVE ID : CVE-2014-8601\n\nFlorian Maury from ANSSI discovered a flaw in pdns-recursor, a\nrecursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.3-3+deb7u1.\n\nFor the upcoming stable distribution (jessie) and unstable\ndistribution (sid), this problem has been fixed in version 3.6.2-1.\n\nWe recommend that you upgrade your pdns-recursor packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-12-11T09:19:40", "type": "debian", "title": "[SECURITY] [DSA 3096-1] pdns-recursor security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-11T09:19:40", "id": "DEBIAN:DSA-3096-1:62087", "href": "https://lists.debian.org/debian-security-announce/2014/msg00287.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nPowerDNS Security Advisory reports:\n\nPowerDNS Recursor up to and including 3.1.7.1 can be\n\t brought down and probably exploited.\n\n\nPowerDNS Recursor up to and including 3.1.7.1 can be\n\t spoofed into accepting bogus data\n\n\n", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "freebsd", "title": "powerdns-recursor -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-06T00:00:00", "id": "DD8F2394-FD08-11DE-B425-00215C6A37BB", "href": "https://vuxml.freebsd.org/freebsd/dd8f2394-fd08-11de-b425-00215c6a37bb.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-08-10T07:08:41", "description": "\nIt was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\n\n* [CVE-2009-4009](https://security-tracker.debian.org/tracker/CVE-2009-4009)\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code.\n* [CVE-2009-4010](https://security-tracker.debian.org/tracker/CVE-2009-4010)\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data.\n\n\nFor the oldstable distribution (etch), fixed packages will be\nprovided soon.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\n\nWe recommend that you upgrade your pdns-recursor package.\n\n\n", "edition": 1, "cvss3": {}, "published": "2010-01-08T00:00:00", "type": "osv", "title": "pdns-recursor - cache poisoning", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2022-08-10T07:08:33", "id": "OSV:DSA-1968-2", "href": "https://osv.dev/vulnerability/DSA-1968-2", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T07:08:41", "description": "\nIt was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\n\n* [CVE-2009-4009](https://security-tracker.debian.org/tracker/CVE-2009-4009)\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code.\n* [CVE-2009-4010](https://security-tracker.debian.org/tracker/CVE-2009-4010)\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data.\n\n\nFor the oldstable distribution (etch), fixed packages will be\nprovided soon.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\n\nWe recommend that you upgrade your pdns-recursor package.\n\n\n", "edition": 1, "cvss3": {}, "published": "2010-01-08T00:00:00", "type": "osv", "title": "pdns-recursor - potential code execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2022-08-10T07:08:33", "id": "OSV:DSA-1968-1", "href": "https://osv.dev/vulnerability/DSA-1968-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-21T08:20:28", "description": "\nFlorian Maury from ANSSI discovered a flaw in pdns-recursor, a\nrecursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.\n\n\nFor Debian 6 Squeeze, these issues have been fixed in pdns-recursor version 3.2-4+deb6u1\n\n\n", "edition": 1, "cvss3": {}, "published": "2014-12-11T00:00:00", "type": "osv", "title": "pdns-recursor - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2022-07-21T05:51:43", "id": "OSV:DLA-104-1", "href": "https://osv.dev/vulnerability/DLA-104-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-10T07:06:33", "description": "\nFlorian Maury from ANSSI discovered a flaw in pdns-recursor, a\nrecursive DNS server : a remote attacker controlling\nmaliciously-constructed zones or a rogue server could affect the\nperformance of pdns-recursor, thus leading to resource exhaustion and\na potential denial-of-service.\n\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.3-3+deb7u1.\n\n\nFor the upcoming stable distribution (jessie) and unstable\ndistribution (sid), this problem has been fixed in version 3.6.2-1.\n\n\nWe recommend that you upgrade your pdns-recursor packages.\n\n\n", "edition": 1, "cvss3": {}, "published": "2014-12-11T00:00:00", "type": "osv", "title": "pdns-recursor - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2022-08-10T07:06:26", "id": "OSV:DSA-3096-1", "href": "https://osv.dev/vulnerability/DSA-3096-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2021-06-08T19:10:06", "description": "Buffer overflow, records spoofing.", "edition": 2, "cvss3": {}, "published": "2010-01-07T00:00:00", "type": "securityvulns", "title": "PowerDNS multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2010-01-07T00:00:00", "id": "SECURITYVULNS:VULN:10503", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10503", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:32", "description": "PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data\r\n\r\nTable 1-7. PowerDNS Security Advisory\r\nCVE \tCVE-2009-4010\r\nDate \t6th of January 2010\r\nAffects \tPowerDNS Recursor 3.1.7.1 and earlier\r\nNot affected \tNo versions of the PowerDNS Authoritative ('pdns_server') are affected.\r\nSeverity \tHigh\r\nImpact \tUsing smart techniques, it is possible to fool the PowerDNS Recursor into accepting unauthorized data\r\nExploit \tWithheld\r\nSolution \tUpgrade to PowerDNS Recursor 3.1.7.2 or higher\r\nWorkaround \tNone.\r\n\r\nUsing specially crafted zones, it is possible to fool the PowerDNS Recursor into accepting bogus data. This data might be harmful to your users. An attacker would be able to divert data from, say, bigbank.com to an IP address of his choosing.\r\n\r\nThis vulnerability was discovered by a third party that (for now) prefers not to be named. PowerDNS is very grateful however for their help in improving PowerDNS security. ", "edition": 1, "cvss3": {}, "published": "2010-01-07T00:00:00", "type": "securityvulns", "title": "PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010"], "modified": "2010-01-07T00:00:00", "id": "SECURITYVULNS:DOC:23016", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23016", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:32", "description": "PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited\r\n\r\nTable 1-6. PowerDNS Security Advisory\r\nCVE \tCVE-2009-4009\r\nDate \t6th of January 2010\r\nAffects \tPowerDNS Recursor 3.1.7.1 and earlier\r\nNot affected \tNo versions of the PowerDNS Authoritative ('pdns_server') are affected.\r\nSeverity \tCritical\r\nImpact \tDenial of Service, possible full system compromise\r\nExploit \tWithheld\r\nSolution \tUpgrade to PowerDNS Recursor 3.1.7.2 or higher\r\nWorkaround \tNone. The risk of exploitation or denial of service can be decreased slightly by using the 'allow-from' setting to only provide service to known users. The risk of a full system compromise can be reduced by running with a suitable reduced privilege user and group settings, and possibly chroot environment.\r\n\r\nUsing specially crafted packets, it is possible to force a buffer overflow in the PowerDNS Recursor, leading to a crash.\r\n\r\nThis vulnerability was discovered by a third party that (for now) prefers not to be named. PowerDNS is very grateful however for their help in improving PowerDNS security. ", "edition": 1, "cvss3": {}, "published": "2010-01-07T00:00:00", "type": "securityvulns", "title": "PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009"], "modified": "2010-01-07T00:00:00", "id": "SECURITYVULNS:DOC:23015", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23015", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:11:03", "description": "Resources exhaustion.", "edition": 2, "cvss3": {}, "published": "2014-12-11T00:00:00", "type": "securityvulns", "title": "PowerDNS Recursor DoS", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-11T00:00:00", "id": "SECURITYVULNS:VULN:14152", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14152", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:56", "description": "\r\n\r\nHi everybody,\r\n\r\nPlease be aware of PowerDNS Security Advisory 2014-02\r\n(http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/), which you\r\ncan also find below. The good news is that the currently released version of the\r\nPowerDNS Recursor is safe. The bad news is that users of older versions\r\nwill have to upgrade.\r\n\r\nPowerDNS Recursor 3.6.2, released late October, is in wide production use\r\nand has been working well for our users. If however you have reasons not to\r\nupgrade, the advisory below contains a link to a patch which applies to\r\nolder versions.\r\n\r\nFinally, if you have problems upgrading, please either contact us on our\r\nmailing lists, or privately via powerdns.support@powerdns.com (should you\r\nwish to make use of our SLA-backed support program).\r\n\r\nWe want to thank Florian Maury of French government information security\r\nagency ANSSI for bringing this issue to our attention and coordinating the\r\nsecurity release with us and other nameserver vendors.\r\n\r\n## PowerDNS Security Advisory 2014-02: PowerDNS Recursor 3.6.1 and earlier can be made to provide bad service\r\n\r\n* CVE: CVE-2014-8601\r\n* Date: 8th of December 2014\r\n* Credit: Florian Maury ([ANSSI](http://www.ssi.gouv.fr/en/))\r\n* Affects: PowerDNS Recursor versions 3.6.1 and earlier\r\n* Not affected: PowerDNS Recursor 3.6.2; no versions of PowerDNS Authoritative Server\r\n* Severity: High\r\n* Impact: Degraded service\r\n* Exploit: This problem can be triggered by sending queries for specifically configured domains\r\n* Risk of system compromise: No\r\n* Solution: Upgrade to PowerDNS Recursor 3.6.2\r\n* Workaround: None known. Exposure can be limited by configuring the **allow-from** setting so only trusted users can query your nameserver.\r\n\r\nRecently we released PowerDNS Recursor 3.6.2 with a new feature that\r\nstrictly limits the amount of work we'll perform to resolve a single query.\r\nThis feature was inspired by performance degradations noted when resolving\r\ndomains hosted by 'ezdns.it', which can require thousands of queries to\r\nresolve.\r\n\r\nDuring the 3.6.2 release process, we were contacted by a government security\r\nagency with news that they had found that all major caching nameservers,\r\nincluding PowerDNS, could be negatively impacted by specially configured,\r\nhard to resolve domain names. With their permission, we continued the 3.6.2\r\nrelease process with the fix for the issue already in there.\r\n\r\nWe recommend that all users upgrade to 3.6.2 if at all possible. Alternatively,\r\nif you want to apply a minimal fix to your own tree, it can be found\r\n[here](https://downloads.powerdns.com/patches/2014-02/), including patches for older versions.\r\n\r\nAs for workarounds, only clients in allow-from are able to trigger the\r\ndegraded service, so this should be limited to your userbase.\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-12-11T00:00:00", "title": "[oss-security] PowerDNS Security Advisory 2014-02", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-11T00:00:00", "id": "SECURITYVULNS:DOC:31501", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31501", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:56", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA256\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-3096-1 security@debian.org\r\nhttp://www.debian.org/security/ Sebastien Delafond\r\nDecember 11, 2014 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : pdns-recursor\r\nCVE ID : CVE-2014-8601\r\n\r\nFlorian Maury from ANSSI discovered a flaw in pdns-recursor, a\r\nrecursive DNS server : a remote attacker controlling\r\nmaliciously-constructed zones or a rogue server could affect the\r\nperformance of pdns-recursor, thus leading to resource exhaustion and\r\na potential denial-of-service.\r\n\r\nFor the stable distribution (wheezy), this problem has been fixed in\r\nversion 3.3-3+deb7u1.\r\n\r\nFor the upcoming stable distribution (jessie) and unstable\r\ndistribution (sid), this problem has been fixed in version 3.6.2-1.\r\n\r\nWe recommend that you upgrade your pdns-recursor packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: https://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niQEcBAEBCAAGBQJUiWGsAAoJEBC+iYPz1Z1kuFsH+weq5tKFbnPK6FBy4k6MNc1o\r\nQe2j/ySjXZ++KDnKpZQrQevRiYO51UOa5QbIn9G5l3VtyM3VNDQqW/4jXuloRUVo\r\nVLps4UOJkGZUOwskwNSrzGsswTFCWb1CPYL+z7nd0xVWHqv/Y7XfTRYOSE/iLgHs\r\n2sfcmcTIvr7+4VhBIxmFI3VB/4dVJ0yrAAu2wY7h1sil7Fg7gWMkt4iyxDk/Cs0C\r\nOR/GwHArzeuP+mbQCQcPgPPdS5GbNlaqs3v+hE9UHXMkaWLde9YytwVpSKu0PjKt\r\n0Phrk8nCfaZWTideAH78YkQitji43fDsHH8nSgRbMDMxO1kpKkPIsVw90z3qoqo=\r\n=BNqh\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2014-12-11T00:00:00", "type": "securityvulns", "title": "[SECURITY] [DSA 3096-1] pdns-recursor security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-11T00:00:00", "id": "SECURITYVULNS:DOC:31499", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31499", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. ", "cvss3": {}, "published": "2010-01-07T00:55:19", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: pdns-recursor-3.1.7.2-1.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-07T00:55:19", "id": "FEDORA:2E12110F8CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EYBFRAIKS7ZB2M7TOGI36WJEGOWBYWLE/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. ", "cvss3": {}, "published": "2010-01-07T00:57:41", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: pdns-recursor-3.1.7.2-1.fc12", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-07T00:57:41", "id": "FEDORA:4765310F8CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7ZQVWBG3DT3UQ7777GOLX63FTT5PYV4K/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "description": "PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. ", "cvss3": {}, "published": "2013-04-20T19:48:11", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: pdns-recursor-3.5-1.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1193"], "modified": "2013-04-20T19:48:11", "id": "FEDORA:B83A2210A3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NALLSNCVQETDTH5HKT445DYUKFRS53MB/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. ", "cvss3": {}, "published": "2013-05-01T03:36:21", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: pdns-recursor-3.5-2.fc18", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1193"], "modified": "2013-05-01T03:36:21", "id": "FEDORA:5B20320AA7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YQYMN6X2MAQ2G2THSFLLPKTNDKNMDFZK/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:51", "description": "PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. ", "cvss3": {}, "published": "2013-05-01T03:35:24", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: pdns-recursor-3.5-2.fc17", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1193"], "modified": "2013-05-01T03:35:24", "id": "FEDORA:8CCDA20A95", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EXLHDZ76RTW6R3UCAOXAQDIKEH6T2Y6P/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:38:04", "description": "Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote\nattackers to spoof DNS data via crafted zones.\n\n#### Bugs\n\n * <https://bugs.edge.launchpad.net/ubuntu/+source/pdns-recursor/+bug/502987>\n", "cvss3": {}, "published": "2010-01-08T00:00:00", "type": "ubuntucve", "title": "CVE-2009-4010", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010"], "modified": "2010-01-08T00:00:00", "id": "UB:CVE-2009-4010", "href": "https://ubuntu.com/security/CVE-2009-4010", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:38:04", "description": "Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers\nto cause a denial of service (daemon crash) or possibly execute arbitrary\ncode via crafted packets.\n\n#### Bugs\n\n * <https://bugs.edge.launchpad.net/ubuntu/+source/pdns-recursor/+bug/502987>\n", "cvss3": {}, "published": "2010-01-08T00:00:00", "type": "ubuntucve", "title": "CVE-2009-4009", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009"], "modified": "2010-01-08T00:00:00", "id": "UB:CVE-2009-4009", "href": "https://ubuntu.com/security/CVE-2009-4009", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T14:30:57", "description": "The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached\nserver names and TTL values in NS records during the processing of a\nresponse to an A record query, which allows remote attackers to trigger\ncontinued resolvability of revoked domain names via a \"ghost domain names\"\nattack.\n\n#### Bugs\n\n * <http://wiki.powerdns.com/trac/ticket/668>\n * <https://bugs.launchpad.net/ubuntu/+source/pdns-recursor/+bug/1391409>\n", "cvss3": {}, "published": "2012-02-17T00:00:00", "type": "ubuntucve", "title": "CVE-2012-1193", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1193"], "modified": "2012-02-17T00:00:00", "id": "UB:CVE-2012-1193", "href": "https://ubuntu.com/security/CVE-2012-1193", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-08-04T14:18:35", "description": "PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which\nallows remote attackers to cause a denial of service (\"performance\ndegradations\") via a large or infinite number of referrals, as demonstrated\nby resolving domains hosted by ezdns.it.", "cvss3": {}, "published": "2014-12-10T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8601", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-10T00:00:00", "id": "UB:CVE-2014-8601", "href": "https://ubuntu.com/security/CVE-2014-8601", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T21:37:31", "description": "Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.", "cvss3": {}, "published": "2010-01-08T17:30:00", "type": "cve", "title": "CVE-2009-4010", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010"], "modified": "2018-10-10T19:48:00", "cpe": ["cpe:/a:powerdns:recursor:3.1.1", "cpe:/a:powerdns:recursor:3.1.6", "cpe:/a:powerdns:recursor:3.1.3", "cpe:/a:powerdns:recursor:3.1", "cpe:/a:powerdns:recursor:3.0", "cpe:/a:powerdns:recursor:2.9.16", "cpe:/a:powerdns:recursor:2.9.18", "cpe:/a:powerdns:recursor:3.1.7", "cpe:/a:powerdns:recursor:3.1.2", "cpe:/a:powerdns:recursor:2.0_rc1", "cpe:/a:powerdns:recursor:3.1.7.2", "cpe:/a:powerdns:recursor:2.8", "cpe:/a:powerdns:recursor:3.1.5", "cpe:/a:powerdns:recursor:3.0.1", "cpe:/a:powerdns:recursor:2.9.17", "cpe:/a:powerdns:recursor:2.9.15", "cpe:/a:powerdns:recursor:3.1.7.1", "cpe:/a:powerdns:recursor:3.1.4"], "id": "CVE-2009-4010", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4010", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T21:37:30", "description": "Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.", "cvss3": {}, "published": "2010-01-08T17:30:00", "type": "cve", "title": "CVE-2009-4009", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009"], "modified": "2018-10-10T19:48:00", "cpe": ["cpe:/a:powerdns:recursor:3.1.1", "cpe:/a:powerdns:recursor:3.1.6", "cpe:/a:powerdns:recursor:3.1.3", "cpe:/a:powerdns:recursor:3.1", "cpe:/a:powerdns:recursor:3.0", "cpe:/a:powerdns:recursor:2.9.16", "cpe:/a:powerdns:recursor:3.0.1", "cpe:/a:powerdns:recursor:2.9.18", "cpe:/a:powerdns:recursor:3.1.7", "cpe:/a:powerdns:recursor:2.0_rc1", "cpe:/a:powerdns:recursor:3.1.7.2", "cpe:/a:powerdns:recursor:2.8", "cpe:/a:powerdns:recursor:3.1.5", "cpe:/a:powerdns:recursor:3.1.2", "cpe:/a:powerdns:recursor:2.9.17", "cpe:/a:powerdns:recursor:2.9.15", "cpe:/a:powerdns:recursor:3.1.7.1", "cpe:/a:powerdns:recursor:3.1.4"], "id": "CVE-2009-4009", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4009", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:powerdns:recursor:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:57:32", "description": "The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a \"ghost domain names\" attack.", "cvss3": {}, "published": "2012-02-17T22:55:00", "type": "cve", "title": "CVE-2012-1193", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-1193"], "modified": "2013-12-13T04:57:00", "cpe": ["cpe:/a:powerdns:powerdns_recursor:3.3"], "id": "CVE-2012-1193", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1193", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:powerdns:powerdns_recursor:3.3:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T15:09:06", "description": "PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service (\"performance degradations\") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.", "cvss3": {}, "published": "2014-12-10T15:59:00", "type": "cve", "title": "CVE-2014-8601", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2016-09-06T14:30:00", "cpe": ["cpe:/a:powerdns:recursor:3.6.1", "cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2014-8601", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8601", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:powerdns:recursor:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2023-02-04T18:11:37", "description": "Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.", "cvss3": {}, "published": "2010-01-08T17:30:00", "type": "debiancve", "title": "CVE-2009-4010", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010"], "modified": "2010-01-08T17:30:00", "id": "DEBIANCVE:CVE-2009-4010", "href": "https://security-tracker.debian.org/tracker/CVE-2009-4010", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-04T18:11:37", "description": "Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.", "cvss3": {}, "published": "2010-01-08T17:30:00", "type": "debiancve", "title": "CVE-2009-4009", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009"], "modified": "2010-01-08T17:30:00", "id": "DEBIANCVE:CVE-2009-4009", "href": "https://security-tracker.debian.org/tracker/CVE-2009-4009", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-04T18:11:37", "description": "PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service (\"performance degradations\") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.", "cvss3": {}, "published": "2014-12-10T15:59:00", "type": "debiancve", "title": "CVE-2014-8601", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-10T15:59:00", "id": "DEBIANCVE:CVE-2014-8601", "href": "https://security-tracker.debian.org/tracker/CVE-2014-8601", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:42", "description": "PowerDNS, while acting as a caching nameserver, can be negatively\nimpacted by sending queries for specially configured, hard to resolve\ndomain names. This is the same issue as the ones found in bind\n(ASA-201412-7) and unbound (ASA-201412-8).", "edition": 2, "cvss3": {}, "published": "2014-12-09T00:00:00", "type": "archlinux", "title": "powerdns-recursor: denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-09T00:00:00", "id": "ASA-201412-9", "href": "https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated pdns-recursor package fixes security vulnerability: PowerDNS Recursor before version 3.6.2, could be negatively impacted by specially configured, hard to resolve domain names. A remote attacker, by sending a query for such a domain name, could cause severe performance degradation in PowerDNS Recursor, causing a denial of service (CVE-2014-8601). The pdns-recursor package has been updated to version 3.6.2, fixing this issue and several other bugs, as well as providing additional features. \n", "cvss3": {}, "published": "2014-12-10T20:09:57", "type": "mageia", "title": "Updated pdns-recursor packages fix CVE-2014-8601\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601"], "modified": "2014-12-10T20:09:57", "id": "MGASA-2014-0522", "href": "https://advisories.mageia.org/MGASA-2014-0522.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2017-10-12T02:11:07", "description": " * [CVE-2014-8601](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8601>) \n \nPowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service (\"performance degradations\") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it. \n\n * [CVE-2015-1868](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1868>) \n \nThe label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.\n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {}, "published": "2015-07-03T00:35:00", "type": "f5", "title": "PowerDNS vulnerabilities CVE-2014-8601 and CVE-2015-1868", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601", "CVE-2015-1868"], "modified": "2016-01-09T02:21:00", "id": "F5:K16866", "href": "https://support.f5.com/csp/article/K16866", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-12-03T05:28:11", "description": " * [CVE-2014-8601](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8601>) \n \nPowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service (\"performance degradations\") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it. \n\u00c2 \n * [CVE-2015-1868](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1868>) \n \nThe label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.\n", "cvss3": {}, "published": "2015-07-02T00:00:00", "type": "f5", "title": "SOL16866 - PowerDNS vulnerabilities CVE-2014-8601 and CVE-2015-1868", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8601", "CVE-2015-1868"], "modified": "2015-12-03T00:00:00", "id": "SOL16866", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/800/sol16866.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cert": [{"lastseen": "2021-09-28T17:53:05", "description": "### Overview\n\nRecursive DNS resolvers may become stuck following an infinite chain of referrals due to a malicious authoritative server.\n\n### Description\n\nRFC 1034 describes the standard technical issues of enabling domain delegations in DNS, but does not provide a specific implementation, leaving DNS servers to provide their own methods to implement RFC 1034. In some implementations of recursive resolvers, a query to a malicious authoritative server may cause the resolver to follow an infinite chain of referrals. Attempting to follow the infinite chain can cause a denial-of-service (DoS) situation on the DNS resolver due to resource exhaustion.\n\nThis issue primarily affects recursive resolvers. Additionally, as noted in ISC Security Advisory [AA-01216](<https://kb.isc.org/article/AA-01216>): \"Authoritative servers can be affected if an attacker can control a delegation traversed by the authoritative server in servicing the zone.\" \n \nDepending on how the resolver handles out-of-bailiwick glue records and performs simultaneous queries, it may also be possible to cause the resolver to perform a DoS attack on a target using DNS traffic. \n \n--- \n \n### Impact\n\nA recursive DNS resolver following an infinite chain of referrals can result in high process memory and CPU usage and eventually process termination. The effect can range from increased server response time to clients to complete interruption of the service. \n \nResolvers that follow multiple referrals at once can cause large bursts of network traffic. \n \n--- \n \n### Solution\n\n**Apply an update** \n \nThese issues are addressed by limiting the maximum number of referrals followed and the number of simultaneous queries. See the Vendor Information section below for information about specific vendors. \n \n--- \n \n### Vendor Information\n\n264212\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### EfficientIP __ Affected\n\nNotified: December 11, 2014 Updated: May 11, 2015 \n\n**Statement Date: December 22, 2014**\n\n### Status\n\nAffected\n\n### Vendor Statement\n\n`All products are affected if they are used as a recursive DNS server. All versions are affected. Upgrade to the latest patch of your release: 5.0.4.p1 or 5.0.3.p4. \n \nAvailable releases can be downloaded at: ``<http://www.efficientip.com/support-services/>`\n\n### Vendor Information \n\n`CVE-2014-8602 covers this vulnerability if you are running Unbound. \nCVE-2014-8500 covers this vulnerability if you are running BIND.`\n\n### Vendor References\n\n * <http://www.efficientip.com/support-services/>\n\n### Infoblox __ Affected\n\nNotified: November 24, 2014 Updated: December 11, 2014 \n\n**Statement Date: December 11, 2014**\n\n### Status\n\nAffected\n\n### Vendor Statement\n\n\"`All versions of NIOS prior to 6.8.13, 6.10.11, 6.11.7 and 6.12.2 are affected \nby the vulnerability. \n \nPlease update to fixed versions available through the Infoblox support site or \ncontact Infoblox Support for further assistance.`\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Internet Systems Consortium __ Affected\n\nUpdated: December 09, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nUpgrade to the patched release most closely related to your current version of BIND. Patched builds of currently supported branches of BIND (9.9 and 9.10) can be downloaded via [_http://www.isc.org/downloads_](<http://www.isc.org/downloads>)\n\n * BIND 9 version 9.9.6-P1\n * BIND 9 version 9.10.1-P1\n\n### Vendor Information \n\nThis vulnerability has been fixed in the latest version of BIND. Users are encouraged to update BIND as soon as possible. This issue in BIND is assigned CVE-2014-8500.\n\n### Vendor References\n\n * <https://kb.isc.org/article/AA-01216/0>\n\n### MaraDNS __ Affected\n\nNotified: December 03, 2014 Updated: January 26, 2015 \n\n**Statement Date: January 24, 2015**\n\n### Status\n\nAffected\n\n### Vendor Statement\n\n\"`I have released MaraDNS 2.0.10, MaraDNS 1.4.15, and Deadwood 3.2.06 \nwhich are patched against this possible vulnerability. \n \nDownloads are available at <http://maradns.samiam.org/download/> and \n<https://github.com/samboy/MaraDNS>`\".\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://maradns.samiam.org/download/>\n * <https://github.com/samboy/MaraDNS>\n * <https://github.com/samboy/MaraDNS/commit/1f694df9fb972d59d77167fff9bbdd095dc5d1b4>\n * <https://github.com/samboy/MaraDNS/commit/c5c49306ed1f2627774dae27313a2b58d9a9ac6d>\n\n### NEC Corporation __ Affected\n\nUpdated: October 26, 2015 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe provide information on this issue at the following URL <<http://jpn.nec.com/security-info/secinfo/nv15-008.html>>(only in Japanese)\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://jpn.nec.com/security-info/secinfo/nv15-008.html>\n\n### NLnet Labs __ Affected\n\nUpdated: December 09, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nCVE-2014-8602 covers this vulnerability in Unbound.\n\n### Vendor References\n\n * <https://unbound.net/downloads/CVE-2014-8602.txt>\n\n### PowerDNS __ Affected\n\nUpdated: December 09, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nUpgrade to PowerDNS Recursor 3.6.2.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://blog.powerdns.com/2014/12/08/powerdns-security-notification-2014-02/>\n * <http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/>\n\n### CZ NIC __ Not Affected\n\nNotified: December 17, 2014 Updated: December 18, 2014 \n\n**Statement Date: December 18, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"`Knot DNS is an authoritative-only DNS and thus is not vulnerable to \nthis attack. We are in early stages of development for Knot DNS \nResolver, so we will make sure that we mitigate this vulnerability.`\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### European Registry for Internet Domains __ Not Affected\n\nNotified: December 17, 2014 Updated: December 18, 2014 \n\n**Statement Date: December 18, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"We are not affected by this issue as we currently do not provide a recursive resolver.\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### GNU adns __ Not Affected\n\nNotified: December 03, 2014 Updated: December 17, 2014 \n\n**Statement Date: December 17, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"`adns is a stub resolver and does not follow delegation chains \nat all. So it is not vulnerable.`\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### GNU glibc Not Affected\n\nUpdated: December 18, 2014 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Microsoft Corporation __ Not Affected\n\nNotified: December 18, 2014 Updated: December 29, 2014 \n\n**Statement Date: December 20, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"`The Windows DNS server is \"not affected\" ... The Windows DNS server by default has ways to put a cap on the maximum effort it makes to resolve such chains. [Administrators] can further reduce or increase the cap as suited.`\"\n\n### Vendor Information \n\nThe statement above refers to the following Microsoft TechNet Blog post describing how administrators may set the effort cap on the Microsoft DNS server:\n\n`<http://blogs.technet.com/b/networking/archive/2014/12/15/handling-endless-delegation-chains-in-windows-dns-server.aspx>`\n\n### Vendor References\n\n * <http://blogs.technet.com/b/networking/archive/2014/12/15/handling-endless-delegation-chains-in-windows-dns-server.aspx>\n\n### Nominum __ Not Affected\n\nNotified: November 24, 2014 Updated: December 09, 2014 \n\n**Statement Date: December 09, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"Nominum servers are not vulnerable to this attack directly\".\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### OpenDNS __ Not Affected\n\nNotified: December 10, 2014 Updated: December 18, 2014 \n\n**Statement Date: December 10, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"`OpenDNS is not vulnerable to this attack.`\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Secure64 Software Corporation __ Not Affected\n\nNotified: November 24, 2014 Updated: December 19, 2014 \n\n**Statement Date: December 19, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"`\"Secure64 servers are not directly vulnerable to this infinite recursion attack\".`\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### djbdns __ Not Affected\n\nNotified: December 03, 2014 Updated: December 10, 2014 \n\n**Statement Date: December 04, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"`All versions: Not vulnerable.`\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### dnsmasq Not Affected\n\nNotified: December 03, 2014 Updated: December 05, 2014 \n\n**Statement Date: December 04, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### gdnsd __ Not Affected\n\nNotified: December 17, 2014 Updated: December 18, 2014 \n\n**Statement Date: December 18, 2014**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"`gdnsd is not vulnerable to this attack because it is a pure authoritative server; it never sends DNS queries to other servers.`\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Apple Unknown\n\nNotified: December 03, 2014 Updated: December 03, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Cisco Systems, Inc. Unknown\n\nNotified: December 03, 2014 Updated: December 03, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### F5 Networks, Inc. Unknown\n\nNotified: November 24, 2014 Updated: November 24, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### JH Software Unknown\n\nNotified: December 17, 2014 Updated: December 18, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\nView all 22 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 4.3 | AV:N/AC:M/Au:N/C:N/I:N/A:P \nTemporal | 3.4 | E:POC/RL:OF/RC:C \nEnvironmental | 3.4 | CDP:ND/TD:H/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n * <https://www.ietf.org/rfc/rfc1034.txt>\n * <http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html>\n\n### Acknowledgements\n\nISC would like to thank Florian Maury (ANSSI) for discovering and reporting this vulnerability.\n\nThis document was written by Garret Wassermann.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2014-8601](<http://web.nvd.nist.gov/vuln/detail/CVE-2014-8601>), [CVE-2014-8500](<http://web.nvd.nist.gov/vuln/detail/CVE-2014-8500>), [CVE-2014-8602](<http://web.nvd.nist.gov/vuln/detail/CVE-2014-8602>) \n---|--- \n**Date Public:** | 2014-12-08 \n**Date First Published:** | 2014-12-09 \n**Date Last Updated: ** | 2015-10-27 02:27 UTC \n**Document Revision: ** | 58 \n", "cvss3": {}, "published": "2014-12-09T00:00:00", "type": "cert", "title": "Recursive DNS resolver implementations may follow referrals infinitely", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8500", "CVE-2014-8601", "CVE-2014-8602"], "modified": "2015-10-27T02:27:00", "id": "VU:264212", "href": "https://www.kb.cert.org/vuls/id/264212", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}
PowerDNS Recursor: Multiple vulnerabilities
