Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1968-1
HistoryJan 08, 2010 - 12:00 a.m.

pdns-recursor - potential code execution

2010-01-0800:00:00
Google
osv.dev
7

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

It was discovered that pdns-recursor, the PowerDNS recursive name
server, contains several vulnerabilities:

  • CVE-2009-4009
    A buffer overflow can be exploited to crash the daemon, or potentially
    execute arbitrary code.
  • CVE-2009-4010
    A cache poisoning vulnerability may allow attackers to trick the
    server into serving incorrect DNS data.

For the oldstable distribution (etch), fixed packages will be
provided soon.

For the stable distribution (lenny), these problems have been fixed in
version 3.1.7-1+lenny1.

For the unstable distribution (sid), these problems have been fixed in
version 3.1.7.2-1.

We recommend that you upgrade your pdns-recursor package.

Related

debian 4
openvas 12
nessus 9
fedora 2
securityvulns 3
osv 1
freebsd 1
gentoo 1
debiancve 2
cve 2
prion 2
ubuntucve 2
debian
debian
[Backports-security-announce] Security Update for pdns-recursor
2010-01-09 12:36:38
[SECURITY] [DSA 1968-1] New pdns-recursor packages fix potential code execution
2010-01-08 21:46:14
[SECURITY] [DSA 1968-2] New pdns-recursor packages fix cache poisoning
2010-01-28 21:05:39
openvas
openvas
Fedora Update for pdns-recursor FEDORA-2010-0209
2010-01-15 00:00:00
FreeBSD Ports: powerdns-recursor
2010-02-10 00:00:00
FreeBSD Ports: powerdns-recursor
2010-02-10 00:00:00
nessus
nessus
openSUSE Security Update : pdns-recursor (pdns-recursor-1945)
2010-02-15 00:00:00
openSUSE Security Update : pdns-recursor (pdns-recursor-1945)
2010-02-15 00:00:00
FreeBSD : powerdns-recursor -- multiple vulnerabilities (dd8f2394-fd08-11de-b425-00215c6a37bb)
2010-01-11 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: pdns-recursor-3.1.7.2-1.fc12
2010-01-07 00:57:41
[SECURITY] Fedora 11 Update: pdns-recursor-3.1.7.2-1.fc11
2010-01-07 00:55:19
securityvulns
securityvulns
PowerDNS multiple security vulnerabilities
2010-01-07 00:00:00
PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data
2010-01-07 00:00:00
PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited
2010-01-07 00:00:00
osv
osv
pdns-recursor - cache poisoning
2010-01-08 00:00:00
freebsd
freebsd
powerdns-recursor -- multiple vulnerabilities
2010-01-06 00:00:00
gentoo
gentoo
PowerDNS Recursor: Multiple vulnerabilities
2014-12-22 00:00:00
debiancve
debiancve
CVE-2009-4009
2010-01-08 17:30:00
CVE-2009-4010
2010-01-08 17:30:00
cve
cve
CVE-2009-4010
2010-01-08 17:30:00
CVE-2009-4009
2010-01-08 17:30:00
prion
prion
Buffer overflow
2010-01-08 17:30:00
Design/Logic Flaw
2010-01-08 17:30:00
ubuntucve
ubuntucve
CVE-2009-4009
2010-01-08 00:00:00
CVE-2009-4010
2010-01-08 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-1968-1
debian4openvas12nessus9fedora2securityvulns3osv1freebsd1gentoo1debiancve2cve2prion2ubuntucve2