{"id": "OPENVAS:1361412562310861600", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for pdns-recursor FEDORA-2010-0228", "description": "Check for the Version of pdns-recursor", "published": "2010-01-15T00:00:00", "modified": "2018-01-22T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 10.0}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861600", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.html", "2010-0228"], "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "lastseen": "2018-01-22T13:06:15", "viewCount": 1, "enchantments": {"score": {"value": -0.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-4009", "CVE-2009-4010"]}, {"type": "debian", "idList": ["DEBIAN:5046C34B6483326B151248BE8176C7E6:CD6ED", "DEBIAN:9C9492C0CBFF271A623652456FB38237:CD6ED", "DEBIAN:DSA-1968-1:B8A8D", "DEBIAN:DSA-1968-2:D18EC"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-4009", "DEBIANCVE:CVE-2009-4010"]}, {"type": "fedora", "idList": ["FEDORA:2E12110F8CA", "FEDORA:4765310F8CA"]}, {"type": "freebsd", "idList": ["DD8F2394-FD08-11DE-B425-00215C6A37BB"]}, {"type": "gentoo", "idList": ["GLSA-201412-33"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1968.NASL", "FEDORA_2010-0209.NASL", "FEDORA_2010-0228.NASL", "FREEBSD_PKG_DD8F2394FD0811DEB42500215C6A37BB.NASL", "GENTOO_GLSA-201412-33.NASL", "POWERDNS_RECURSOR_3_1_7_2.NASL", "SUSE_11_0_PDNS-RECURSOR-100209.NASL", "SUSE_11_1_PDNS-RECURSOR-100209.NASL", "SUSE_11_2_PDNS-RECURSOR-100209.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310100433", "OPENVAS:1361412562310121319", "OPENVAS:136141256231066734", "OPENVAS:136141256231066776", "OPENVAS:136141256231066822", "OPENVAS:1361412562310861603", "OPENVAS:66734", "OPENVAS:66776", "OPENVAS:66822", "OPENVAS:861600", "OPENVAS:861603"]}, {"type": "osv", "idList": ["OSV:DSA-1968-1", "OSV:DSA-1968-2"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:23015", "SECURITYVULNS:DOC:23016", "SECURITYVULNS:VULN:10503"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-4009", "UB:CVE-2009-4010"]}]}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2009-4009", "CVE-2009-4010"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1968-2:D18EC"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-4010"]}, {"type": "fedora", "idList": ["FEDORA:2E12110F8CA"]}, {"type": "freebsd", "idList": ["DD8F2394-FD08-11DE-B425-00215C6A37BB"]}, {"type": "nessus", "idList": ["SUSE_11_1_PDNS-RECURSOR-100209.NASL", "SUSE_11_2_PDNS-RECURSOR-100209.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121319"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10503"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-4010"]}]}, "exploitation": null, "vulnersScore": -0.1}, "pluginID": "1361412562310861600", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2010-0228\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdns-recursor on Fedora 12\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861600\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-15 10:29:41 +0100 (Fri, 15 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-0228\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2010-0228\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.1.7.2~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1660004461, "score": 1660012044}, "_internal": {"score_hash": "d715bfaf37d2b2a3f36729c611bf0fbf"}}
{"openvas": [{"lastseen": "2017-12-21T11:32:57", "description": "The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-2.", "cvss3": {}, "published": "2010-02-01T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1968-2 (pdns-recursor)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:136141256231066776", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066776", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1968_2.nasl 8187 2017-12-20 07:30:09Z teissa $\n# Description: Auto-generated from advisory DSA 1968-2 (pdns-recursor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that pdns-recursor, the PowerDNS recursive name server,\ncontains a cache poisoning vulnerability which may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nThis DSA provides a security update for the old stable distribution\n(etch), similar to the previous update in DSA-1968-1. (Note that the\netch version of pdns-recursor was not vulnerable to CVE-2009-4009.)\n\nExtra care should be applied when installing this update. It is an etch\nbackport of the lenny version of the package (3.1.7 with security fixes\napplied). Major differences in internal domain name processing made\nbackporting just the security fix too difficult.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 3.1.4+v3.1.7-0+etch1.\n\nWe recommend that you upgrade your pdns-recursor package.\";\ntag_summary = \"The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201968-2\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66776\");\n script_version(\"$Revision: 8187 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 08:30:09 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-01 18:25:19 +0100 (Mon, 01 Feb 2010)\");\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1968-2 (pdns-recursor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.1.4+v3.1.7-0+etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:05", "description": "PowerDNS Recursor is prone to a remote cache-poisoning vulnerability and to a\n Buffer Overflow Vulnerability.", "cvss3": {}, "published": "2010-01-07T00:00:00", "type": "openvas", "title": "PowerDNS Recursor multiple vulnerabilities - Jan10", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2019-03-01T00:00:00", "id": "OPENVAS:1361412562310100433", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100433", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: pdns_jan_10.nasl 13960 2019-03-01 13:18:27Z cfischer $\n#\n# PowerDNS Recursor multiple vulnerabilities - Jan10\n#\n# Authors:\n# Michael Meyer\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:powerdns:recursor\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100433\");\n script_version(\"$Revision: 13960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-01 14:18:27 +0100 (Fri, 01 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-07 12:29:25 +0100 (Thu, 07 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_bugtraq_id(37653, 37650);\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_name(\"PowerDNS Recursor multiple vulnerabilities - Jan10\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"pdns_version.nasl\");\n script_mandatory_keys(\"powerdns/recursor/installed\");\n\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/37653\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/bid/37650\");\n script_xref(name:\"URL\", value:\"http://www.powerdns.com/\");\n script_xref(name:\"URL\", value:\"http://doc.powerdns.com/powerdns-advisory-2010-02.html\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/508743\");\n\n script_tag(name:\"impact\", value:\"An attacker can exploit the remote cache-poisoning vulnerability to\n divert data from a legitimate site to an attacker-specified site.\n Successful exploits will allow the attacker to manipulate cache data,\n potentially facilitating man-in-the-middle, site-impersonation, or denial-of-\n service attacks.\n\n Successfully exploiting of the Buffer Overflow vulnerability allows a\n remote attacker to execute arbitrary code with superuser privileges,\n resulting in a complete compromise of the affected computer. Failed\n exploits will cause a denial of service.\");\n script_tag(name:\"affected\", value:\"PowerDNS Recursor 3.1.7.1 and earlier are vulnerable.\");\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for details.\");\n script_tag(name:\"summary\", value:\"PowerDNS Recursor is prone to a remote cache-poisoning vulnerability and to a\n Buffer Overflow Vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! infos = get_app_version_and_proto( cpe:CPE, port:port ) ) exit( 0 );\n\nversion = infos[\"version\"];\nproto = infos[\"proto\"];\n\nif( version_is_less( version:version, test_version:\"3.1.7.2\" ) ) {\n report = report_fixed_ver( installed_version:version, fixed_version:\"3.1.7.2\" );\n security_message( data:report, port:port, proto:proto );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-25T10:55:08", "description": "Check for the Version of pdns-recursor", "cvss3": {}, "published": "2010-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2010-0209", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2018-01-24T00:00:00", "id": "OPENVAS:1361412562310861603", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861603", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2010-0209\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdns-recursor on Fedora 11\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00217.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861603\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-15 10:29:41 +0100 (Fri, 15 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-0209\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2010-0209\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.1.7.2~1.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:09:48", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-02-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: powerdns-recursor", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-02-10T00:00:00", "id": "OPENVAS:66822", "href": "http://plugins.openvas.org/nasl.php?oid=66822", "sourceData": "#\n#VID dd8f2394-fd08-11de-b425-00215c6a37bb\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID dd8f2394-fd08-11de-b425-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: powerdns-recursor\n\nCVE-2009-4010\nUnspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows\nremote attackers to spoof DNS data via crafted zones.\n\nCVE-2009-4009\nBuffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote\nattackers to cause a denial of service (daemon crash) or possibly\nexecute arbitrary code via crafted packets.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\n\nif(description)\n{\n script_id(66822);\n script_version(\"$Revision: 5263 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-10 14:45:51 +0100 (Fri, 10 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-10 21:51:26 +0100 (Wed, 10 Feb 2010)\");\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_bugtraq_id(37650,37653);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: powerdns-recursor\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"powerdns-recursor\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.1.7.2\")<0) {\n txt += 'Package powerdns-recursor version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-17T11:05:08", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2010-02-10T00:00:00", "type": "openvas", "title": "FreeBSD Ports: powerdns-recursor", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:136141256231066822", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066822", "sourceData": "#\n#VID dd8f2394-fd08-11de-b425-00215c6a37bb\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID dd8f2394-fd08-11de-b425-00215c6a37bb\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: powerdns-recursor\n\nCVE-2009-4010\nUnspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows\nremote attackers to spoof DNS data via crafted zones.\n\nCVE-2009-4009\nBuffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote\nattackers to cause a denial of service (daemon crash) or possibly\nexecute arbitrary code via crafted packets.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66822\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-10 21:51:26 +0100 (Wed, 10 Feb 2010)\");\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_bugtraq_id(37650,37653);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: powerdns-recursor\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"powerdns-recursor\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.1.7.2\")<0) {\n txt += 'Package powerdns-recursor version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:55", "description": "Check for the Version of pdns-recursor", "cvss3": {}, "published": "2010-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2010-0228", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-12-22T00:00:00", "id": "OPENVAS:861600", "href": "http://plugins.openvas.org/nasl.php?oid=861600", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2010-0228\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdns-recursor on Fedora 12\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.html\");\n script_id(861600);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-15 10:29:41 +0100 (Fri, 15 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-0228\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2010-0228\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.1.7.2~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:26", "description": "Check for the Version of pdns-recursor", "cvss3": {}, "published": "2010-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for pdns-recursor FEDORA-2010-0209", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:861603", "href": "http://plugins.openvas.org/nasl.php?oid=861603", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdns-recursor FEDORA-2010-0209\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdns-recursor on Fedora 11\";\ntag_insight = \"PowerDNS Recursor is a non authoritative/recursing DNS server. Use this\n package if you need a dns cache for your network.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00217.html\");\n script_id(861603);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-15 10:29:41 +0100 (Fri, 15 Jan 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-0209\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_name(\"Fedora Update for pdns-recursor FEDORA-2010-0209\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdns-recursor\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdns-recursor\", rpm:\"pdns-recursor~3.1.7.2~1.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:18", "description": "The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-2.", "cvss3": {}, "published": "2010-02-01T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1968-2 (pdns-recursor)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66776", "href": "http://plugins.openvas.org/nasl.php?oid=66776", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1968_2.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 1968-2 (pdns-recursor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that pdns-recursor, the PowerDNS recursive name server,\ncontains a cache poisoning vulnerability which may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nThis DSA provides a security update for the old stable distribution\n(etch), similar to the previous update in DSA-1968-1. (Note that the\netch version of pdns-recursor was not vulnerable to CVE-2009-4009.)\n\nExtra care should be applied when installing this update. It is an etch\nbackport of the lenny version of the package (3.1.7 with security fixes\napplied). Major differences in internal domain name processing made\nbackporting just the security fix too difficult.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 3.1.4+v3.1.7-0+etch1.\n\nWe recommend that you upgrade your pdns-recursor package.\";\ntag_summary = \"The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201968-2\";\n\n\nif(description)\n{\n script_id(66776);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-02-01 18:25:19 +0100 (Mon, 01 Feb 2010)\");\n script_cve_id(\"CVE-2009-4010\", \"CVE-2009-4009\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1968-2 (pdns-recursor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.1.4+v3.1.7-0+etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:28", "description": "The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-1.", "cvss3": {}, "published": "2010-01-20T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1968-1 (pdns-recursor)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:66734", "href": "http://plugins.openvas.org/nasl.php?oid=66734", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1968_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 1968-1 (pdns-recursor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code (CVE-2009-4009).\n\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nFor the old stable distribution (etch), fixed packages will be\nprovided soon.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\nWe recommend that you upgrade your pdns-recursor package.\";\ntag_summary = \"The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201968-1\";\n\n\nif(description)\n{\n script_id(66734);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 20:07:43 +0100 (Wed, 20 Jan 2010)\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1968-1 (pdns-recursor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.1.7-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:05:16", "description": "The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-1.", "cvss3": {}, "published": "2010-01-20T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1968-1 (pdns-recursor)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:136141256231066734", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066734", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1968_1.nasl 8440 2018-01-17 07:58:46Z teissa $\n# Description: Auto-generated from advisory DSA 1968-1 (pdns-recursor)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code (CVE-2009-4009).\n\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nFor the old stable distribution (etch), fixed packages will be\nprovided soon.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\nWe recommend that you upgrade your pdns-recursor package.\";\ntag_summary = \"The remote host is missing an update to pdns-recursor\nannounced via advisory DSA 1968-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201968-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66734\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-01-20 20:07:43 +0100 (Wed, 20 Jan 2010)\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1968-1 (pdns-recursor)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdns-recursor\", ver:\"3.1.7-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:08", "description": "Gentoo Linux Local Security Checks GLSA 201412-33", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-33", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4010", "CVE-2012-1193", "CVE-2014-8601", "CVE-2009-4009"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121319", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121319", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-33.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121319\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:19 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-33\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in PowerDNS Recursor. Please review the CVE identifiers and PowerDNS blog post referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-33\");\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\", \"CVE-2012-1193\", \"CVE-2014-8601\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-33\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-dns/pdns-recursor\", unaffected: make_list(\"ge 3.6.1-r1\"), vulnerable: make_list(\"lt 3.6.1-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2022-07-04T02:15:13", "description": "Gerfried Fuchs uploaded new packages for pdns-recursor which fixed the\nfollowing security problems:\n\nCVE-2009-4009\n\n A buffer overflow can be exploited to crash the daemon, or potentially\n execute arbitrary code.\n\nCVE-2009-4010\n\n A cache poisoning vulnerability may allow attackers to trick the\n server into serving incorrect DNS data.\n\nFor the etch-backports distribution the problems have been fixed in\nversion 3.1.7-1+lenny1~bpo40+1.\n\nFor the sid distribution the problems have been fixed in version\n3.1.7.2-1.\n\n\nUpgrade instructions\n--------------------\n\nIf you don't use pinning (see [1]) you have to update the packages\nmanually via "apt-get -t lenny-backports install <packagelist>" with the\npackagelist of your installed packages affected by this update.\n[1] <http://backports.org/dokuwiki/doku.php?id=instructions>\n\nWe recommend to pin the backports repository to 200 so that new versions\nof installed backports will be installed automatically:\n\n Package: *\n Pin: release a=etch-backports\n Pin-Priority: 200\nAttachment:\nsignature.asc\nDescription: Digital signature\n", "cvss3": {}, "published": "2010-01-09T12:01:22", "type": "debian", "title": "[Backports-security-announce] Security Update for pdns-recursor", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-09T12:01:22", "id": "DEBIAN:9C9492C0CBFF271A623652456FB38237:CD6ED", "href": "https://lists.debian.org/debian-backports-announce/2010/01/msg00000.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-21T03:02:55", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1968-2 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 28, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : pdns-recursor\nVulnerability : DNS cache poisoning\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-4010\n\nIt was discovered that pdns-recursor, the PowerDNS recursive name server,\ncontains a cache poisoning vulnerability which may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nThis DSA provides a security update for the old stable distribution\n(etch), similar to the previous update in DSA-1968-1. (Note that the\netch version of pdns-recursor was not vulnerable to CVE-2009-4009.)\n\nExtra care should be applied when installing this update. It is an etch\nbackport of the lenny version of the package (3.1.7 with security fixes\napplied). Major differences in internal domain name processing made\nbackporting just the security fix too difficult.\n\nFor the old stable distribution (etch), this problem has been fixed in\nversion 3.1.4+v3.1.7-0+etch1.\n\nWe recommend that you upgrade your pdns-recursor package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7.orig.tar.gz\n Size/MD5 checksum: 211760 38c58fef666685d6756da97baf9b4d51\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1.diff.gz\n Size/MD5 checksum: 14100 3872ac93703320db9257d421d011af66\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1.dsc\n Size/MD5 checksum: 1227 b0ce0cdfa67a7759ec5f43dfe95b733e\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_alpha.deb\n Size/MD5 checksum: 580492 ae99c07e883f297f2f8cc1cef72a15c4\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_amd64.deb\n Size/MD5 checksum: 486532 2b77a01f8594031e7fbb7b26d85e8bf8\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_i386.deb\n Size/MD5 checksum: 506954 0fc7f125b55dddf38779a266a2a01e35\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_ia64.deb\n Size/MD5 checksum: 693478 117be1c8613bd0dc35e3303f15ced0d0\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_powerpc.deb\n Size/MD5 checksum: 502984 ac3fa49c7889903425032190e514de31\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_s390.deb\n Size/MD5 checksum: 472764 db2847b3a85417f380183dbd23007687\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2010-01-28T21:05:39", "type": "debian", "title": "[SECURITY] [DSA 1968-2] New pdns-recursor packages fix cache poisoning", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-28T21:05:39", "id": "DEBIAN:DSA-1968-2:D18EC", "href": "https://lists.debian.org/debian-security-announce/2010/msg00019.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:17", "description": "Gerfried Fuchs uploaded new packages for pdns-recursor which fixed the\nfollowing security problems:\n\nCVE-2009-4009\n\n A buffer overflow can be exploited to crash the daemon, or potentially\n execute arbitrary code.\n\nCVE-2009-4010\n\n A cache poisoning vulnerability may allow attackers to trick the\n server into serving incorrect DNS data.\n\nFor the etch-backports distribution the problems have been fixed in\nversion 3.1.7-1+lenny1~bpo40+1.\n\nFor the sid distribution the problems have been fixed in version\n3.1.7.2-1.\n\n\nUpgrade instructions\n--------------------\n\nIf you don't use pinning (see [1]) you have to update the packages\nmanually via "apt-get -t lenny-backports install <packagelist>" with the\npackagelist of your installed packages affected by this update.\n[1] <http://backports.org/dokuwiki/doku.php?id=instructions>\n\nWe recommend to pin the backports repository to 200 so that new versions\nof installed backports will be installed automatically:\n\n Package: *\n Pin: release a=etch-backports\n Pin-Priority: 200\n", "cvss3": {}, "published": "2010-01-09T12:36:38", "type": "debian", "title": "[Backports-security-announce] Security Update for pdns-recursor", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2010-01-09T12:36:38", "id": "DEBIAN:5046C34B6483326B151248BE8176C7E6:CD6ED", "href": "https://lists.debian.org/debian-backports-announce/2010/debian-backports-announce-201001/msg00000.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T00:45:25", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1968-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 08, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : pdns-recursor\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-4009 CVE-2009-4010\n\nIt was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code (CVE-2009-4009).\n\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data (CVE-2009-4010).\n\nFor the old stable distribution (etch), fixed packages will be\nprovided soon.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\nWe recommend that you upgrade your pdns-recursor package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7.orig.tar.gz\n Size/MD5 checksum: 211760 38c58fef666685d6756da97baf9b4d51\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.dsc\n Size/MD5 checksum: 1654 fff9beb43eec355ca42d93d53c1ce299\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.diff.gz\n Size/MD5 checksum: 14769 8794fecd11f1b014592e2a36d40aaaf6\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_alpha.deb\n Size/MD5 checksum: 545726 dc05fab76c0fcb051b9a428cfa126061\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_amd64.deb\n Size/MD5 checksum: 440822 365fc4da2fd1770f8e62f1a3a0046231\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_i386.deb\n Size/MD5 checksum: 440686 ac26d27658892619ce539921796bce67\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_ia64.deb\n Size/MD5 checksum: 631308 f80c2d28ee6d9ebdbf6cad177c8fbddd\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_powerpc.deb\n Size/MD5 checksum: 463434 f0bba833d4231bb2237433373e888a12\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_s390.deb\n Size/MD5 checksum: 428138 994a5190fa0f73b49252bee0a695fb4d\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2010-01-08T21:46:14", "type": "debian", "title": "[SECURITY] [DSA 1968-1] New pdns-recursor packages fix potential code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-08T21:46:14", "id": "DEBIAN:DSA-1968-1:B8A8D", "href": "https://lists.debian.org/debian-security-announce/2010/msg00003.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-08-19T13:05:14", "description": "It was discovered that pdns-recursor, the PowerDNS recursive name server, contains several vulnerabilities :\n\n - CVE-2009-4009 A buffer overflow can be exploited to crash the daemon, or potentially execute arbitrary code.\n\n - CVE-2009-4010 A cache poisoning vulnerability may allow attackers to trick the server into serving incorrect DNS data.", "cvss3": {"score": null, "vector": null}, "published": "2010-02-24T00:00:00", "type": "nessus", "title": "Debian DSA-1968-1 : pdns-recursor - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:pdns-recursor", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1968.NASL", "href": "https://www.tenable.com/plugins/nessus/44833", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1968. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44833);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n script_xref(name:\"DSA\", value:\"1968\");\n\n script_name(english:\"Debian DSA-1968-1 : pdns-recursor - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities :\n\n - CVE-2009-4009\n A buffer overflow can be exploited to crash the daemon,\n or potentially execute arbitrary code.\n\n - CVE-2009-4010\n A cache poisoning vulnerability may allow attackers to\n trick the server into serving incorrect DNS data.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-4010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-1968\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the pdns-recursor package.\n\nFor the oldstable distribution (etch), fixed packages will be provided\nsoon.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"pdns-recursor\", reference:\"3.1.7-1+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:43:25", "description": "According to its self-reported version number, the version of the PowerDNS Recursor listening on the remote host is version 3.x prior to 3.1.7.2. It is, therefore, affected by multiple vulnerabilities :\n\n - A buffer overflow condition exists that allows a remote \tattacker, via crafted packets, to cause a daemon crash, \tresulting in a denial of service condition.\n \t(CVE-2009-4009)\n\n - An unspecified flaw exists that allows a remote attacker \tto spoof DNS data via crafted zones. (CVE-2009-4010)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2016-01-15T00:00:00", "type": "nessus", "title": "PowerDNS Recursor 3.x < 3.1.7.2 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2018-07-26T00:00:00", "cpe": ["cpe:/a:powerdns:powerdns", "cpe:/a:powerdns:recursor"], "id": "POWERDNS_RECURSOR_3_1_7_2.NASL", "href": "https://www.tenable.com/plugins/nessus/87950", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(87950);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/26 13:32:42\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n\n script_name(english:\"PowerDNS Recursor 3.x < 3.1.7.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the PowerDNS Recursor version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote name server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the version of the\nPowerDNS Recursor listening on the remote host is version 3.x prior to\n3.1.7.2. It is, therefore, affected by multiple vulnerabilities :\n\n - A buffer overflow condition exists that allows a remote\n \tattacker, via crafted packets, to cause a daemon crash,\n \tresulting in a denial of service condition.\n \t(CVE-2009-4009)\n\n - An unspecified flaw exists that allows a remote attacker\n \tto spoof DNS data via crafted zones. (CVE-2009-4010)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://doc.powerdns.com/md/security/powerdns-advisory-2010-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://doc.powerdns.com/md/security/powerdns-advisory-2010-02/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PowerDNS Recursor 3.1.7.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\",value:\"2010/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\",value:\"2010/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/15\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:powerdns:powerdns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:powerdns:recursor\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n\n script_family(english:\"DNS\");\n script_dependencies(\"pdns_version.nasl\");\n script_require_keys(\"pdns/version\", \"pdns/version_full\", \"pdns/version_source\", \"pdns/type\", \"Settings/ParanoidReport\");\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"PowerDNS Recursor\";\nversion_source = get_kb_item_or_exit(\"pdns/version_source\");\nversion_full = get_kb_item_or_exit(\"pdns/version_full\");\nversion = get_kb_item_or_exit(\"pdns/version\");\n\nfix = '3.1.7.2';\nport = 53;\n\n# Only the Recursor is affected\ntype = get_kb_item_or_exit(\"pdns/type\");\nif (type != 'recursor') audit(AUDIT_NOT_LISTEN, app_name, port, \"UDP\");\n\nif (version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_APP_VER, app_name);\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (version !~ \"^3\\.\" || (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0))\n audit(AUDIT_LISTEN_NOT_VULN, app_name, port, version_full, \"UDP\");\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Version source : ' + version_source +\n '\\n Installed version : ' + version_full +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_hole(port:port, proto:\"udp\", extra:report);\n}\nelse security_hole(port:port, proto:\"udp\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:06", "description": "This update of pdns-rucursor improves the packet parsing code to fix a possible DNS spoofing vulnerability (CVE-2009-4010) and a remote buffer overflow that could give the ability to execute arbitrary code (CVE-2009-4009).", "cvss3": {"score": null, "vector": null}, "published": "2010-02-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : pdns-recursor (pdns-recursor-1945)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:pdns-recursor", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_PDNS-RECURSOR-100209.NASL", "href": "https://www.tenable.com/plugins/nessus/44610", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update pdns-recursor-1945.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44610);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n\n script_name(english:\"openSUSE Security Update : pdns-recursor (pdns-recursor-1945)\");\n script_summary(english:\"Check for the pdns-recursor-1945 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of pdns-rucursor improves the packet parsing code to fix a\npossible DNS spoofing vulnerability (CVE-2009-4010) and a remote\nbuffer overflow that could give the ability to execute arbitrary code\n(CVE-2009-4009).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=567990\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"pdns-recursor-3.1.5-14.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:14", "description": "Update to upstream version 3.1.7.2.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-02-25T00:00:00", "type": "nessus", "title": "Fedora 11 : pdns-recursor-3.1.7.2-1.fc11 (2010-0209)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pdns-recursor", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2010-0209.NASL", "href": "https://www.tenable.com/plugins/nessus/44885", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-0209.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44885);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n script_xref(name:\"FEDORA\", value:\"2010-0209\");\n\n script_name(english:\"Fedora 11 : pdns-recursor-3.1.7.2-1.fc11 (2010-0209)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 3.1.7.2.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=552285\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-January/033540.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?edf3727e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"pdns-recursor-3.1.7.2-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:16", "description": "This update of pdns-rucursor improves the packet parsing code to fix a possible DNS spoofing vulnerability (CVE-2009-4010) and a remote buffer overflow that could give the ability to execute arbitrary code (CVE-2009-4009).", "cvss3": {"score": null, "vector": null}, "published": "2010-02-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : pdns-recursor (pdns-recursor-1945)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:pdns-recursor", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_PDNS-RECURSOR-100209.NASL", "href": "https://www.tenable.com/plugins/nessus/44619", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update pdns-recursor-1945.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44619);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n\n script_name(english:\"openSUSE Security Update : pdns-recursor (pdns-recursor-1945)\");\n script_summary(english:\"Check for the pdns-recursor-1945 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of pdns-rucursor improves the packet parsing code to fix a\npossible DNS spoofing vulnerability (CVE-2009-4010) and a remote\nbuffer overflow that could give the ability to execute arbitrary code\n(CVE-2009-4009).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=567990\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"pdns-recursor-3.1.7-8.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:25", "description": "PowerDNS Security Advisory reports :\n\nPowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited.\n\nPowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data", "cvss3": {"score": null, "vector": null}, "published": "2010-01-11T00:00:00", "type": "nessus", "title": "FreeBSD : powerdns-recursor -- multiple vulnerabilities (dd8f2394-fd08-11de-b425-00215c6a37bb)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:powerdns-recursor", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_DD8F2394FD0811DEB42500215C6A37BB.NASL", "href": "https://www.tenable.com/plugins/nessus/43847", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43847);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n\n script_name(english:\"FreeBSD : powerdns-recursor -- multiple vulnerabilities (dd8f2394-fd08-11de-b425-00215c6a37bb)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PowerDNS Security Advisory reports :\n\nPowerDNS Recursor up to and including 3.1.7.1 can be brought down and\nprobably exploited.\n\nPowerDNS Recursor up to and including 3.1.7.1 can be spoofed into\naccepting bogus data\"\n );\n # https://vuxml.freebsd.org/freebsd/dd8f2394-fd08-11de-b425-00215c6a37bb.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e35d7f85\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:powerdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"powerdns-recursor<3.1.7.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:17", "description": "Update to upstream version 3.1.7.2.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-02-25T00:00:00", "type": "nessus", "title": "Fedora 12 : pdns-recursor-3.1.7.2-1.fc12 (2010-0228)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pdns-recursor", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-0228.NASL", "href": "https://www.tenable.com/plugins/nessus/44888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-0228.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44888);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n script_bugtraq_id(37650, 37653);\n script_xref(name:\"FEDORA\", value:\"2010-0228\");\n\n script_name(english:\"Fedora 12 : pdns-recursor-3.1.7.2-1.fc12 (2010-0228)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to upstream version 3.1.7.2.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=552285\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-January/033551.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?599853eb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"pdns-recursor-3.1.7.2-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:05:16", "description": "This update of pdns-rucursor improves the packet parsing code to fix a possible DNS spoofing vulnerability (CVE-2009-4010) and a remote buffer overflow that could give the ability to execute arbitrary code (CVE-2009-4009).", "cvss3": {"score": null, "vector": null}, "published": "2010-02-15T00:00:00", "type": "nessus", "title": "openSUSE Security Update : pdns-recursor (pdns-recursor-1945)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:pdns-recursor", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_PDNS-RECURSOR-100209.NASL", "href": "https://www.tenable.com/plugins/nessus/44615", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update pdns-recursor-1945.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(44615);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\");\n\n script_name(english:\"openSUSE Security Update : pdns-recursor (pdns-recursor-1945)\");\n script_summary(english:\"Check for the pdns-recursor-1945 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of pdns-rucursor improves the packet parsing code to fix a\npossible DNS spoofing vulnerability (CVE-2009-4010) and a remote\nbuffer overflow that could give the ability to execute arbitrary code\n(CVE-2009-4009).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=567990\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdns-recursor package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"pdns-recursor-3.1.7-6.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdns-recursor\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:47:26", "description": "The remote host is affected by the vulnerability described in GLSA-201412-33 (PowerDNS Recursor: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PowerDNS Recursor.\n Please review the CVE identifiers and PowerDNS blog post referenced below for details.\n Impact :\n\n A remote attacker may be able to send specially crafted packets, possibly resulting in arbitrary code execution or a Denial of Service condition. Furthermore, a remote attacker may be able to spoof DNS data.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2014-12-23T00:00:00", "type": "nessus", "title": "GLSA-201412-33 : PowerDNS Recursor: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010", "CVE-2012-1193", "CVE-2014-8601"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:pdns-recursor", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-33.NASL", "href": "https://www.tenable.com/plugins/nessus/80210", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-33.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80210);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-4009\", \"CVE-2009-4010\", \"CVE-2012-1193\", \"CVE-2014-8601\");\n script_bugtraq_id(37650, 37653, 59348, 71545);\n script_xref(name:\"GLSA\", value:\"201412-33\");\n\n script_name(english:\"GLSA-201412-33 : PowerDNS Recursor: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-33\n(PowerDNS Recursor: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PowerDNS Recursor.\n Please review the CVE identifiers and PowerDNS blog post referenced below\n for details.\n \nImpact :\n\n A remote attacker may be able to send specially crafted packets,\n possibly resulting in arbitrary code execution or a Denial of Service\n condition. Furthermore, a remote attacker may be able to spoof DNS data.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e0bd75f6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-33\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PowerDNS Recursor users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-dns/pdns-recursor-3.6.1-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pdns-recursor\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-dns/pdns-recursor\", unaffected:make_list(\"ge 3.6.1-r1\"), vulnerable:make_list(\"lt 3.6.1-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PowerDNS Recursor\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nPowerDNS Security Advisory reports:\n\nPowerDNS Recursor up to and including 3.1.7.1 can be\n\t brought down and probably exploited.\n\n\nPowerDNS Recursor up to and including 3.1.7.1 can be\n\t spoofed into accepting bogus data\n\n\n", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "freebsd", "title": "powerdns-recursor -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-06T00:00:00", "id": "DD8F2394-FD08-11DE-B425-00215C6A37BB", "href": "https://vuxml.freebsd.org/freebsd/dd8f2394-fd08-11de-b425-00215c6a37bb.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-08-10T07:08:41", "description": "\nIt was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\n\n* [CVE-2009-4009](https://security-tracker.debian.org/tracker/CVE-2009-4009)\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code.\n* [CVE-2009-4010](https://security-tracker.debian.org/tracker/CVE-2009-4010)\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data.\n\n\nFor the oldstable distribution (etch), fixed packages will be\nprovided soon.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\n\nWe recommend that you upgrade your pdns-recursor package.\n\n\n", "edition": 1, "cvss3": {}, "published": "2010-01-08T00:00:00", "type": "osv", "title": "pdns-recursor - cache poisoning", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2022-08-10T07:08:33", "id": "OSV:DSA-1968-2", "href": "https://osv.dev/vulnerability/DSA-1968-2", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T07:08:41", "description": "\nIt was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\n\n* [CVE-2009-4009](https://security-tracker.debian.org/tracker/CVE-2009-4009)\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code.\n* [CVE-2009-4010](https://security-tracker.debian.org/tracker/CVE-2009-4010)\nA cache poisoning vulnerability may allow attackers to trick the\nserver into serving incorrect DNS data.\n\n\nFor the oldstable distribution (etch), fixed packages will be\nprovided soon.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1.\n\n\nWe recommend that you upgrade your pdns-recursor package.\n\n\n", "edition": 1, "cvss3": {}, "published": "2010-01-08T00:00:00", "type": "osv", "title": "pdns-recursor - potential code execution", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2022-08-10T07:08:33", "id": "OSV:DSA-1968-1", "href": "https://osv.dev/vulnerability/DSA-1968-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T19:10:06", "description": "Buffer overflow, records spoofing.", "edition": 2, "cvss3": {}, "published": "2010-01-07T00:00:00", "type": "securityvulns", "title": "PowerDNS multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010", "CVE-2009-4009"], "modified": "2010-01-07T00:00:00", "id": "SECURITYVULNS:VULN:10503", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10503", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:32", "description": "PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data\r\n\r\nTable 1-7. PowerDNS Security Advisory\r\nCVE \tCVE-2009-4010\r\nDate \t6th of January 2010\r\nAffects \tPowerDNS Recursor 3.1.7.1 and earlier\r\nNot affected \tNo versions of the PowerDNS Authoritative ('pdns_server') are affected.\r\nSeverity \tHigh\r\nImpact \tUsing smart techniques, it is possible to fool the PowerDNS Recursor into accepting unauthorized data\r\nExploit \tWithheld\r\nSolution \tUpgrade to PowerDNS Recursor 3.1.7.2 or higher\r\nWorkaround \tNone.\r\n\r\nUsing specially crafted zones, it is possible to fool the PowerDNS Recursor into accepting bogus data. This data might be harmful to your users. An attacker would be able to divert data from, say, bigbank.com to an IP address of his choosing.\r\n\r\nThis vulnerability was discovered by a third party that (for now) prefers not to be named. PowerDNS is very grateful however for their help in improving PowerDNS security. ", "edition": 1, "cvss3": {}, "published": "2010-01-07T00:00:00", "type": "securityvulns", "title": "PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010"], "modified": "2010-01-07T00:00:00", "id": "SECURITYVULNS:DOC:23016", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23016", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:32", "description": "PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited\r\n\r\nTable 1-6. PowerDNS Security Advisory\r\nCVE \tCVE-2009-4009\r\nDate \t6th of January 2010\r\nAffects \tPowerDNS Recursor 3.1.7.1 and earlier\r\nNot affected \tNo versions of the PowerDNS Authoritative ('pdns_server') are affected.\r\nSeverity \tCritical\r\nImpact \tDenial of Service, possible full system compromise\r\nExploit \tWithheld\r\nSolution \tUpgrade to PowerDNS Recursor 3.1.7.2 or higher\r\nWorkaround \tNone. The risk of exploitation or denial of service can be decreased slightly by using the 'allow-from' setting to only provide service to known users. The risk of a full system compromise can be reduced by running with a suitable reduced privilege user and group settings, and possibly chroot environment.\r\n\r\nUsing specially crafted packets, it is possible to force a buffer overflow in the PowerDNS Recursor, leading to a crash.\r\n\r\nThis vulnerability was discovered by a third party that (for now) prefers not to be named. PowerDNS is very grateful however for their help in improving PowerDNS security. ", "edition": 1, "cvss3": {}, "published": "2010-01-07T00:00:00", "type": "securityvulns", "title": "PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009"], "modified": "2010-01-07T00:00:00", "id": "SECURITYVULNS:DOC:23015", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23015", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. ", "cvss3": {}, "published": "2010-01-07T00:55:19", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: pdns-recursor-3.1.7.2-1.fc11", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-07T00:55:19", "id": "FEDORA:2E12110F8CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EYBFRAIKS7ZB2M7TOGI36WJEGOWBYWLE/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "description": "PowerDNS Recursor is a non authoritative/recursing DNS server. Use this package if you need a dns cache for your network. ", "cvss3": {}, "published": "2010-01-07T00:57:41", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: pdns-recursor-3.1.7.2-1.fc12", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010"], "modified": "2010-01-07T00:57:41", "id": "FEDORA:4765310F8CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7ZQVWBG3DT3UQ7777GOLX63FTT5PYV4K/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:07:18", "description": "### Background\n\nPowerDNS Recursor is a high-end, high-performance resolving name server\n\n### Description\n\nMultiple vulnerabilities have been discovered in PowerDNS Recursor. Please review the CVE identifiers and PowerDNS blog post referenced below for details. \n\n### Impact\n\nA remote attacker may be able to send specially crafted packets, possibly resulting in arbitrary code execution or a Denial of Service condition. Furthermore, a remote attacker may be able to spoof DNS data. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll PowerDNS Recursor users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-dns/pdns-recursor-3.6.1-r1\"", "cvss3": {}, "published": "2014-12-22T00:00:00", "type": "gentoo", "title": "PowerDNS Recursor: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009", "CVE-2009-4010", "CVE-2012-1193", "CVE-2014-8601"], "modified": "2014-12-22T00:00:00", "id": "GLSA-201412-33", "href": "https://security.gentoo.org/glsa/201412-33", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T21:37:31", "description": "Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.", "cvss3": {}, "published": "2010-01-08T17:30:00", "type": "cve", "title": "CVE-2009-4010", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010"], "modified": "2018-10-10T19:48:00", "cpe": ["cpe:/a:powerdns:recursor:3.1.1", "cpe:/a:powerdns:recursor:3.1.6", "cpe:/a:powerdns:recursor:3.1.3", "cpe:/a:powerdns:recursor:3.1", "cpe:/a:powerdns:recursor:3.0", "cpe:/a:powerdns:recursor:2.9.16", "cpe:/a:powerdns:recursor:2.9.18", "cpe:/a:powerdns:recursor:3.1.7", "cpe:/a:powerdns:recursor:3.1.2", "cpe:/a:powerdns:recursor:2.0_rc1", "cpe:/a:powerdns:recursor:3.1.7.2", "cpe:/a:powerdns:recursor:2.8", "cpe:/a:powerdns:recursor:3.1.5", "cpe:/a:powerdns:recursor:3.0.1", "cpe:/a:powerdns:recursor:2.9.17", "cpe:/a:powerdns:recursor:2.9.15", "cpe:/a:powerdns:recursor:3.1.7.1", "cpe:/a:powerdns:recursor:3.1.4"], "id": "CVE-2009-4010", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4010", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T21:37:30", "description": "Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.", "cvss3": {}, "published": "2010-01-08T17:30:00", "type": "cve", "title": "CVE-2009-4009", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009"], "modified": "2018-10-10T19:48:00", "cpe": ["cpe:/a:powerdns:recursor:3.1.1", "cpe:/a:powerdns:recursor:3.1.6", "cpe:/a:powerdns:recursor:3.1.3", "cpe:/a:powerdns:recursor:3.1", "cpe:/a:powerdns:recursor:3.0", "cpe:/a:powerdns:recursor:2.9.16", "cpe:/a:powerdns:recursor:3.0.1", "cpe:/a:powerdns:recursor:2.9.18", "cpe:/a:powerdns:recursor:3.1.7", "cpe:/a:powerdns:recursor:2.0_rc1", "cpe:/a:powerdns:recursor:3.1.7.2", "cpe:/a:powerdns:recursor:2.8", "cpe:/a:powerdns:recursor:3.1.5", "cpe:/a:powerdns:recursor:3.1.2", "cpe:/a:powerdns:recursor:2.9.17", "cpe:/a:powerdns:recursor:2.9.15", "cpe:/a:powerdns:recursor:3.1.7.1", "cpe:/a:powerdns:recursor:3.1.4"], "id": "CVE-2009-4009", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4009", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:powerdns:recursor:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2022-08-04T14:38:04", "description": "Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote\nattackers to spoof DNS data via crafted zones.\n\n#### Bugs\n\n * <https://bugs.edge.launchpad.net/ubuntu/+source/pdns-recursor/+bug/502987>\n", "cvss3": {}, "published": "2010-01-08T00:00:00", "type": "ubuntucve", "title": "CVE-2009-4010", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010"], "modified": "2010-01-08T00:00:00", "id": "UB:CVE-2009-4010", "href": "https://ubuntu.com/security/CVE-2009-4010", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:38:04", "description": "Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers\nto cause a denial of service (daemon crash) or possibly execute arbitrary\ncode via crafted packets.\n\n#### Bugs\n\n * <https://bugs.edge.launchpad.net/ubuntu/+source/pdns-recursor/+bug/502987>\n", "cvss3": {}, "published": "2010-01-08T00:00:00", "type": "ubuntucve", "title": "CVE-2009-4009", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009"], "modified": "2010-01-08T00:00:00", "id": "UB:CVE-2009-4009", "href": "https://ubuntu.com/security/CVE-2009-4009", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2022-11-27T06:07:46", "description": "Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.", "cvss3": {}, "published": "2010-01-08T17:30:00", "type": "debiancve", "title": "CVE-2009-4010", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4010"], "modified": "2010-01-08T17:30:00", "id": "DEBIANCVE:CVE-2009-4010", "href": "https://security-tracker.debian.org/tracker/CVE-2009-4010", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-11-27T06:07:46", "description": "Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.", "cvss3": {}, "published": "2010-01-08T17:30:00", "type": "debiancve", "title": "CVE-2009-4009", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-4009"], "modified": "2010-01-08T17:30:00", "id": "DEBIANCVE:CVE-2009-4009", "href": "https://security-tracker.debian.org/tracker/CVE-2009-4009", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
Fedora Update for pdns-recursor FEDORA-2010-0228
