logo
DATABASE RESOURCES PRICING ABOUT US

pdns-recursor - cache poisoning

Description

It was discovered that pdns-recursor, the PowerDNS recursive name server, contains several vulnerabilities: * [CVE-2009-4009](https://security-tracker.debian.org/tracker/CVE-2009-4009) A buffer overflow can be exploited to crash the daemon, or potentially execute arbitrary code. * [CVE-2009-4010](https://security-tracker.debian.org/tracker/CVE-2009-4010) A cache poisoning vulnerability may allow attackers to trick the server into serving incorrect DNS data. For the oldstable distribution (etch), fixed packages will be provided soon. For the stable distribution (lenny), these problems have been fixed in version 3.1.7-1+lenny1. For the unstable distribution (sid), these problems have been fixed in version 3.1.7.2-1. We recommend that you upgrade your pdns-recursor package.


Affected Software


CPE Name Name Version
pdns-recursor 3.1.4-4
pdns-recursor 3.1.4-3
pdns-recursor 3.1.4-1
pdns-recursor 3.1.4-1+etch2
pdns-recursor 3.1.4-1+etch1
pdns-recursor 3.1.4-6
pdns-recursor 3.1.4-2
pdns-recursor 3.1.4-5

Related