Lucene search

K
nvd[email protected]NVD:CVE-2012-1193
HistoryFeb 17, 2012 - 10:55 p.m.

CVE-2012-1193

2012-02-1722:55:00
web.nvd.nist.gov
3

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.006

Percentile

79.1%

The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a “ghost domain names” attack.

Affected configurations

Nvd
Node
powerdnspowerdns_recursorMatch3.3
VendorProductVersionCPE
powerdnspowerdns_recursor3.3cpe:2.3:a:powerdns:powerdns_recursor:3.3:*:*:*:*:*:*:*

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.006

Percentile

79.1%