Executive Summary
Summary | |
---|---|
Title | PowerDNS Recursor: Multiple vulnerabilities |
Information | |||
---|---|---|---|
Name | GLSA-201412-33 | First vendor Publication | 2014-12-22 |
Vendor | Gentoo | Last vendor Modification | 2014-12-22 |
Severity (Vendor) | High | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Synopsis: Multiple vulnerabilities have been found in PowerDNS Recursor, the worst of which may allow execution of arbitrary code.
Background
Description
Impact
Workaround
Resolution
References: http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recursor-configuration-file-guidance/
Availability: http://security.gentoo.org/glsa/glsa-201412-33.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201412-33.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12888 | |||
Oval ID: | oval:org.mitre.oval:def:12888 | ||
Title: | DSA-1968-1 pdns-recursor -- several | ||
Description: | It was discovered that pdns-recursor, the PowerDNS recursive name server, contains several vulnerabilities: A buffer overflow can be exploited to crash the daemon, or potentially execute arbitrary code. A cache poisoning vulnerability may allow attackers to trick the server into serving incorrect DNS data. For the old stable distribution, fixed packages will be provided soon. For the stable distribution, these problems have been fixed in version 3.1.7-1+lenny1. For the unstable distribution, these problems have been fixed in version 3.1.7.2-1. We recommend that you upgrade your pdns-recursor package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1968-1 CVE-2009-4009 CVE-2009-4010 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | pdns-recursor |
Definition Id: oval:org.mitre.oval:def:13457 | |||
Oval ID: | oval:org.mitre.oval:def:13457 | ||
Title: | DSA-1968-2 pdns-recursor -- DNS cache poisoning | ||
Description: | It was discovered that pdns-recursor, the PowerDNS recursive name server, contains a cache poisoning vulnerability which may allow attackers to trick the server into serving incorrect DNS data. This DSA provides a security update for the old stable distribution, similar to the previous update in DSA-1968-1. Extra care should be applied when installing this update. It is an etch backport of the lenny version of the package. Major differences in internal domain name processing made backporting just the security fix too difficult. For the old stable distribution, this problem has been fixed in version 3.1.4+v3.1.7-0+etch1. We recommend that you upgrade your pdns-recursor package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1968-2 CVE-2009-4009 CVE-2009-4010 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | pdns-recursor |
Definition Id: oval:org.mitre.oval:def:28002 | |||
Oval ID: | oval:org.mitre.oval:def:28002 | ||
Title: | DSA-3096-1 -- pdns-recursor security update | ||
Description: | Florian Maury from ANSSI discovered a flaw in pdns-recursor, a recursive DNS server: a remote attacker controlling maliciously-constructed zones or a rogue server could affect the performance of pdns-recursor, thus leading to resource exhaustion and a potential denial-of-service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-3096-1 CVE-2014-8601 | Version: | 3 |
Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | pdns-recursor |
Definition Id: oval:org.mitre.oval:def:7153 | |||
Oval ID: | oval:org.mitre.oval:def:7153 | ||
Title: | DSA-1968 pdns-recursor -- several vulnerabilities | ||
Description: | It was discovered that pdns-recursor, the PowerDNS recursive name server, contains several vulnerabilities: A buffer overflow can be exploited to crash the daemon, or potentially execute arbitrary code. A cache poisoning vulnerability may allow attackers to trick the server into serving incorrect DNS data. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1968 CVE-2009-4009 CVE-2009-4010 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | pdns-recursor |
OpenVAS Exploits
Date | Description |
---|---|
2010-02-10 | Name : FreeBSD Ports: powerdns-recursor File : nvt/freebsd_powerdns-recursor0.nasl |
2010-02-01 | Name : Debian Security Advisory DSA 1968-2 (pdns-recursor) File : nvt/deb_1968_2.nasl |
2010-01-20 | Name : Debian Security Advisory DSA 1968-1 (pdns-recursor) File : nvt/deb_1968_1.nasl |
2010-01-15 | Name : Fedora Update for pdns-recursor FEDORA-2010-0209 File : nvt/gb_fedora_2010_0209_pdns-recursor_fc11.nasl |
2010-01-15 | Name : Fedora Update for pdns-recursor FEDORA-2010-0228 File : nvt/gb_fedora_2010_0228_pdns-recursor_fc12.nasl |
2010-01-07 | Name : PowerDNS multiple vulnerabilities January 2010 File : nvt/pdns_jan_10.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
61603 | PowerDNS Recursor Crafted Zone Handling Unspecified DNS Spoofing Weakness |
61602 | PowerDNS Recursor Crafted Packet Handling Unspecified Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-01-15 | Name : The remote name server is affected by a denial of service vulnerability. File : powerdns_recursor_3_6_2.nasl - Type : ACT_GATHER_INFO |
2016-01-15 | Name : The remote name server is affected by multiple vulnerabilities. File : powerdns_recursor_3_1_7_2.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-104.nasl - Type : ACT_GATHER_INFO |
2014-12-23 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-798.nasl - Type : ACT_GATHER_INFO |
2014-12-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-33.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3096.nasl - Type : ACT_GATHER_INFO |
2013-07-25 | Name : The remote name server is affected by a ghost domain names vulnerability. File : powerdns_3_5_0.nasl - Type : ACT_GATHER_INFO |
2013-05-01 | Name : The remote Fedora host is missing a security update. File : fedora_2013-6279.nasl - Type : ACT_GATHER_INFO |
2013-05-01 | Name : The remote Fedora host is missing a security update. File : fedora_2013-6316.nasl - Type : ACT_GATHER_INFO |
2013-04-22 | Name : The remote Fedora host is missing a security update. File : fedora_2013-5692.nasl - Type : ACT_GATHER_INFO |
2010-02-25 | Name : The remote Fedora host is missing a security update. File : fedora_2010-0209.nasl - Type : ACT_GATHER_INFO |
2010-02-25 | Name : The remote Fedora host is missing a security update. File : fedora_2010-0228.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1968.nasl - Type : ACT_GATHER_INFO |
2010-02-15 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_pdns-recursor-100209.nasl - Type : ACT_GATHER_INFO |
2010-02-15 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_pdns-recursor-100209.nasl - Type : ACT_GATHER_INFO |
2010-02-15 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_pdns-recursor-100209.nasl - Type : ACT_GATHER_INFO |
2010-01-11 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_dd8f2394fd0811deb42500215c6a37bb.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-12-24 13:25:33 |
2014-12-23 00:22:15 |