CVE-2012-0206 - common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 a

CVE-2012-0206

Summary

common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response.

References

http://doc.powerdns.com/changelog.html
http://doc.powerdns.com/powerdns-advisory-2012-01.html
https://bugzilla.redhat.com/show_bug.cgi?id=772570

Vulnerable Configurations

cpe:2.3:a:powerdns:authoritative_server:2.9.22:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:authoritative_server:2.9.22:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:authoritative_server:3.0:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:authoritative_server:3.0:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 09-11-2016 - 20:25)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

confirm

http://doc.powerdns.com/changelog.html
http://doc.powerdns.com/powerdns-advisory-2012-01.html
https://bugzilla.redhat.com/show_bug.cgi?id=772570

Last major update

09-11-2016 - 20:25

Published

17-02-2012 - 21:55

Last modified

09-11-2016 - 20:25