fkie_cve-2006-4251
Vulnerability from fkie_nvd
Published
2006-11-14 19:07
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length.
References
security@debian.orghttp://doc.powerdns.com/powerdns-advisory-2006-01.htmlPatch, Vendor Advisory
security@debian.orghttp://lists.suse.com/archive/suse-security-announce/2006-Nov/0007.html
security@debian.orghttp://secunia.com/advisories/22824Patch, Vendor Advisory
security@debian.orghttp://secunia.com/advisories/22903
security@debian.orghttp://secunia.com/advisories/22976
security@debian.orghttp://www.debian.org/security/2006/dsa-1211
security@debian.orghttp://www.securityfocus.com/bid/21037Patch
security@debian.orghttp://www.vupen.com/english/advisories/2006/4484
security@debian.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/30270
af854a3a-2127-422b-91ae-364da2661108http://doc.powerdns.com/powerdns-advisory-2006-01.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.suse.com/archive/suse-security-announce/2006-Nov/0007.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22824Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22903
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22976
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1211
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/21037Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/4484
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/30270
Impacted products
Vendor Product Version
powerdns recursor *
powerdns recursor 2.0_rc1
powerdns recursor 2.8
powerdns recursor 2.9.15
powerdns recursor 2.9.16
powerdns recursor 2.9.17
powerdns recursor 2.9.18
powerdns recursor 3.0
powerdns recursor 3.0.1
powerdns recursor 3.1
powerdns recursor 3.1.1
powerdns recursor 3.1.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF03280-64C9-43E0-8A79-DDAFAF049119",
              "versionEndIncluding": "3.1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E02559EA-6C7F-4328-A435-B4F69E640645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D390616D-8CAB-46D3-864D-09AF99E3A407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFAA6A-CA5B-4B2A-BFC2-A0DF85BF68D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "306EBF4B-2292-4B14-9835-9FD0E82FE7CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A31C83E-8A81-4483-A245-FD1C08684183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D51FCC-8AD6-4461-8F48-B77EB2693C89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DDFF27-8CBB-468D-9837-C74538E5EF0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3920499-3580-4EA6-AD56-6515C3B8495A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF444F17-46F1-4036-B5F1-CA04F7F19684",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA1E4934-6690-4A09-8E6E-FE7ED57B9DEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D474CF9D-1898-46D3-80B1-2D3743265F56",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en PowerDNS Recursor 3.1.3 y anteriores puede que permita a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante consultas TCP DNS mal formadas que previene a Recursor de calcular correctamente la longitud de una consulta TCP DNS."
    }
  ],
  "evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nPowerDNS, Recursor, 3.1.4",
  "id": "CVE-2006-4251",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-11-14T19:07:00.000",
  "references": [
    {
      "source": "security@debian.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://doc.powerdns.com/powerdns-advisory-2006-01.html"
    },
    {
      "source": "security@debian.org",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Nov/0007.html"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22824"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/22903"
    },
    {
      "source": "security@debian.org",
      "url": "http://secunia.com/advisories/22976"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.debian.org/security/2006/dsa-1211"
    },
    {
      "source": "security@debian.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/21037"
    },
    {
      "source": "security@debian.org",
      "url": "http://www.vupen.com/english/advisories/2006/4484"
    },
    {
      "source": "security@debian.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30270"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://doc.powerdns.com/powerdns-advisory-2006-01.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.suse.com/archive/suse-security-announce/2006-Nov/0007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/22976"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/21037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4484"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30270"
    }
  ],
  "sourceIdentifier": "security@debian.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.