Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1628-1
HistoryAug 10, 2008 - 12:00 a.m.

pdns - DNS spoofing

2008-08-1000:00:00
Google
osv.dev
18

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.007 Low

EPSS

Percentile

77.0%

JSON

Brian Dowling discovered that the PowerDNS authoritative name server
does not respond to DNS queries which contain certain characters,
increasing the risk of successful DNS spoofing (CVE-2008-3337). This
update changes PowerDNS to respond with SERVFAIL responses instead.

For the stable distribution (etch), this problem has been fixed in version
2.9.20-8+etch1.

For the unstable distribution (sid), this problem has been fixed in
version 2.9.21.1-1.

We recommend that you upgrade your pdns package.

CPENameOperatorVersion
pdnseq2.9.20-8

Related

fedora 2
debian 1
nessus 7
openvas 8
securityvulns 2
gentoo 1
prion 1
redhatcve 1
ubuntucve 1
cve 1
debiancve 1
suse 1
fedora
fedora
[SECURITY] Fedora 8 Update: pdns-2.9.21.1-1.fc8
2008-08-07 23:55:49
[SECURITY] Fedora 9 Update: pdns-2.9.21.1-1.fc9
2008-08-07 23:53:05
debian
debian
[SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk
2008-08-10 20:34:06
nessus
nessus
openSUSE 10 Security Update : pdns (pdns-5510)
2008-08-14 00:00:00
PowerDNS Authoritative Server Malformed Query Cache Poisoning Weakness
2008-08-12 00:00:00
Fedora 9 : pdns-2.9.21.1-1.fc9 (2008-7048)
2008-08-08 00:00:00
openvas
openvas
Fedora Update for pdns FEDORA-2008-7083
2009-02-17 00:00:00
Fedora Update for pdns FEDORA-2008-7048
2009-02-17 00:00:00
Debian: Security Advisory (DSA-1628-1)
2023-03-08 00:00:00
securityvulns
securityvulns
[ GLSA 200812-19 ] PowerDNS: Multiple vulnerabilities
2008-12-22 00:00:00
PowerDNS multiple security DNS
2008-12-22 00:00:00
gentoo
gentoo
PowerDNS: Multiple vulnerabilities
2008-12-19 00:00:00
prion
prion
Code injection
2008-08-08 19:41:00
redhatcve
redhatcve
CVE-2008-3337
2019-10-04 20:21:18
ubuntucve
ubuntucve
CVE-2008-3337
2008-08-08 00:00:00
cve
cve
CVE-2008-3337
2008-08-08 19:41:00
debiancve
debiancve
CVE-2008-3337
2008-08-08 19:41:00
suse
suse
remote code execution in openwsman
2008-08-14 18:02:43

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.007 Low

EPSS

Percentile

77.0%

JSON
Related for OSV:DSA-1628-1
fedora2debian1nessus7openvas8securityvulns2gentoo1prion1redhatcve1ubuntucve1cve1debiancve1suse1