PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.

References

bugzilla.redhat.com/show_bug.cgi?id=458122

nvd.nist.gov/vuln/detail/CVE-2008-3337

www.cve.org/CVERecord?id=CVE-2008-3337

prion 5

debiancve 3

ubuntucve 3

cve 3

fedora 5

debian 11

nessus 40

openvas 74

osv 5

checkpoint_advisories 2

altlinux 5

securityvulns 9

seebug 5

ubuntu 2

slackware 3

freebsd_advisory 1

redhat 2

exploitpack 3

oraclelinux 2

freebsd 2

f5 2

packetstorm 3

suse 1

gentoo 3

checkpoint_security 1

centos 2

rubygems 1

mskb 1

prion

Code injection

2008-08-08 19:41:00

Spoofing

2008-07-08 23:41:00

Input validation

2008-07-18 16:41:00

debiancve

CVE-2008-3337

2008-08-08 19:41:00

CVE-2008-1447

2008-07-08 23:41:00

CVE-2008-3217

2008-07-18 16:41:00

ubuntucve

CVE-2008-3337

2008-08-08 00:00:00

CVE-2008-1447

2008-07-08 00:00:00

CVE-2008-3217

2008-07-18 00:00:00

cve

CVE-2008-3337

2008-08-08 19:41:00

CVE-2008-1447

2008-07-08 23:41:00

CVE-2008-3217

2008-07-18 16:41:00

fedora

[SECURITY] Fedora 8 Update: pdns-2.9.21.1-1.fc8

2008-08-07 23:55:49

[SECURITY] Fedora 9 Update: pdns-recursor-3.1.7-2.fc9

2008-07-30 20:11:54

[SECURITY] Fedora 9 Update: pdns-2.9.21.1-1.fc9

2008-08-07 23:53:05

debian

[SECURITY] [DSA 1627-1] New PowerDNS packages reduce DNS spoofing risk

2008-08-10 20:34:06

[SECURITY] [DSA-1619-2] New python-dns package fixes regression

2008-09-22 06:12:09

[SECURITY] [DSA-1619-2] New python-dns package fixes regression

2008-09-22 06:12:09

nessus

openSUSE 10 Security Update : pdns (pdns-5510)

2008-08-14 00:00:00

Fedora 9 : pdns-recursor-3.1.7-2.fc9 (2008-6893)

2008-07-31 00:00:00

PowerDNS Authoritative Server Malformed Query Cache Poisoning Weakness

2008-08-12 00:00:00

openvas

Fedora Update for pdns FEDORA-2008-7083

2009-02-17 00:00:00

Fedora Update for pdns FEDORA-2008-7048

2009-02-17 00:00:00

Fedora Update for pdns FEDORA-2008-7048

2009-02-17 00:00:00

osv

pdns - DNS spoofing

2008-08-10 00:00:00

refpolicy - incompatible policy

2008-07-25 00:00:00

bind9 - cache poisoning

2008-07-08 00:00:00

checkpoint_advisories

Microsoft Windows DNS Insufficient Socket Entropy (MS08-037) - High Confidence (CVE-2008-1447)

2013-05-09 00:00:00

Microsoft Windows DNS Insufficient Socket Entropy (MS08-037; CVE-2008-1447)

2011-11-01 00:00:00

altlinux

Security fix for the ALT Linux 5 package ruby version 1.8.7-alt6

2008-08-12 00:00:00

Security fix for the ALT Linux 5 package bind version 9.3.5-alt2

2008-06-06 00:00:00

Security fix for the ALT Linux 6 package bind version 9.3.5-alt2

2008-06-06 00:00:00

securityvulns

[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing

2008-07-29 00:00:00

CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit

2008-07-25 00:00:00

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

2008-07-12 00:00:00

seebug

BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)

2014-07-01 00:00:00

BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)

2008-07-24 00:00:00

BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)

2008-07-26 00:00:00

ubuntu

Bind vulnerability

2008-07-08 00:00:00

Dnsmasq vulnerability

2008-07-22 00:00:00

slackware

[slackware-security] dnsmasq

2008-07-24 00:02:47

[slackware-security] ruby

2008-11-29 21:37:03

[slackware-security] bind

2008-07-10 04:29:01

freebsd_advisory

FreeBSD-SA-08:06.bind

2008-07-13 00:00:00

redhat

(RHSA-2008:0533) Important: bind security update

2008-07-08 00:00:00

(RHSA-2008:0789) Moderate: dnsmasq security update

2008-08-11 00:00:00

exploitpack

BIND 9.x - Remote DNS Cache Poisoning

2008-07-25 00:00:00

BIND 9.4.1 9.4.2 - Remote DNS Cache Poisoning (Metasploit)

2008-07-23 00:00:00

BIND 9.x - Remote DNS Cache Poisoning (Python)

2008-07-24 00:00:00

oraclelinux

dnsmasq security update

2008-08-11 00:00:00

bind security update

2008-07-08 00:00:00

freebsd

ruby -- DNS spoofing vulnerability

2008-08-08 00:00:00

FreeBSD -- DNS cache poisoning

2008-07-08 00:00:00

K8938 : BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113

2013-03-19 00:00:00

SOL8938 - BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113

2008-07-10 00:00:00

packetstorm

bailiwicked_domain.rb.txt

2008-07-24 00:00:00

bind9x-poison.txt

2008-07-25 00:00:00

bailiwicked_host.rb.txt

2008-07-24 00:00:00

suse

DNS cache poisoning in bind

2008-07-11 09:57:52

gentoo

BIND: Cache poisoning

2008-07-11 00:00:00

PowerDNS: Multiple vulnerabilities

2008-12-19 00:00:00

PowerDNS Recursor: DNS Cache Poisoning

2008-04-18 00:00:00

checkpoint_security

Check Point response to DNS poisoning vulnerability CVE-2008-1447

2008-07-05 21:00:00

centos

bind security update

2008-07-09 01:20:56

bind, caching, selinux security update

2008-07-08 22:25:27

rubygems

ruby -- DNS spoofing vulnerability in resolv.rb

2008-05-04 20:00:00

mskb

MS08-037: Vulnerabilities in DNS could allow spoofing

2018-04-17 19:03:20

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

6.8 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.133 Low

EPSS

Percentile

95.5%

JSON

Related for RH:CVE-2008-3337