ID CVE-2006-2069
Summary The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (application crash) via malformed EDNS0 packets.
References
Vulnerable Configurations
  • cpe:2.3:a:powerdns:powerdns:3.0
    cpe:2.3:a:powerdns:powerdns:3.0
CVSS
Base: 5.0 (as of 30-04-2006 - 17:09)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_PDNS-1314.NASL
    description Remote attackers could crash the pdns server by sending malformed packets (CVE-2006-2069).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27385
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27385
    title openSUSE 10 Security Update : pdns (pdns-1314)
  • NASL family DNS
    NASL id POWERDNS_RECURSOR_3_0_1.NASL
    description According to its self-reported version number, the version of the PowerDNS Recursor listening on the remote host is version 3.x prior to 3.0.1. It is, therefore, affected by a denial of service vulnerability due to improper processing of Extension Mechanisms for DNS (EDNS0) packets. A remote attacker can exploit this vulnerability, via specially crafted EDNS0 packets, to cause an application crash, resulting in a denial of service condition. Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number. Also, Nessus has not checked for the presence of the patch.
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 87948
    published 2016-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87948
    title PowerDNS Recursor 3.x < 3.0.1 EDNS0 DoS
refmap via4
bid 17711
confirm http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-0-1
secunia
  • 19831
  • 20117
suse SUSE-SR:2006:010
vupen ADV-2006-1527
xf powerdns-recursor-ednso-dos(26100)
Last major update 16-06-2011 - 00:00
Published 27-04-2006 - 09:34
Last modified 19-07-2017 - 21:31
Back to Top