var-201001-0029
Vulnerability from variot
Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones. PowerDNS Recursor is a high performance recursive name server. A remote attacker can trick PowerDNS Recursor into accepting malicious data. The server may incorrectly add records to its cache during parsing of recursive client queries. This is a case of cache poisoning. DNS cache poisoning refers to changing an item in the DNS cache of the DNS server so that the IP address associated with the host name in the cache no longer points to the correct location. For example, if www.example.com maps to the IP address 192.168.0.1 and the mapping exists in the DNS server's cache, an attacker who successfully poisons the server's DNS cache can map www.example.com to 10.0. 0.1. In this case, a user attempting to access www.example.com may contact the wrong web server. PowerDNS is prone to a remote cache-poisoning vulnerability. An attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site. Successful exploits will allow the attacker to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks. PowerDNS 3.1.7.1 and earlier are vulnerable. ----------------------------------------------------------------------
Accurate Vulnerability Scanning No more false positives, no more false negatives
http://secunia.com/vulnerability_scanning/
TITLE: Debian update for pdns-recursor
SECUNIA ADVISORY ID: SA38158
VERIFY ADVISORY: http://secunia.com/advisories/38158/
DESCRIPTION: Debian has issued an update for pdns-recursor. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks and potentially compromise a vulnerable system.
For more information: SA38004
SOLUTION: Reportedly, updated packages will be available soon.
ORIGINAL ADVISORY: DSA-1968-1: http://lists.debian.org/debian-security-announce/2010/msg00003.html
OTHER REFERENCES: SA38004: http://secunia.com/advisories/38004/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201001-0029",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.7.1"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.6"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.4"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.5"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.7"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.0_rc1"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.0"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1.1"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.18"
},
{
"model": "recursor",
"scope": "lte",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1.7.2"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1.3"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1.2"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.0.1"
},
{
"model": "recursor",
"scope": "lt",
"trust": 0.8,
"vendor": "powerdns",
"version": "3.1.7.2"
},
{
"model": "recursor",
"scope": "eq",
"trust": 0.6,
"vendor": "powerdns",
"version": "3.1.7.2"
},
{
"model": "hat fedora",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "16"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.7.1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.7"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.6"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.5"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.4"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.3"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.2"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.0.1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.0"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.7.2"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4010"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "BID",
"id": "37653"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:3.1.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1.7.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "bert hubert bert.hubert@netherlabs.nl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
}
],
"trust": 0.6
},
"cve": "CVE-2009-4010",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2009-4010",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.8,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2010-5502",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-4010",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-052",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2010-5502",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4010"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones. PowerDNS Recursor is a high performance recursive name server. A remote attacker can trick PowerDNS Recursor into accepting malicious data. The server may incorrectly add records to its cache during parsing of recursive client queries. This is a case of cache poisoning. DNS cache poisoning refers to changing an item in the DNS cache of the DNS server so that the IP address associated with the host name in the cache no longer points to the correct location. For example, if www.example.com maps to the IP address 192.168.0.1 and the mapping exists in the DNS server\u0027s cache, an attacker who successfully poisons the server\u0027s DNS cache can map www.example.com to 10.0. 0.1. In this case, a user attempting to access www.example.com may contact the wrong web server. PowerDNS is prone to a remote cache-poisoning vulnerability. \nAn attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site. \nSuccessful exploits will allow the attacker to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks. \nPowerDNS 3.1.7.1 and earlier are vulnerable. ----------------------------------------------------------------------\n\n\n\nAccurate Vulnerability Scanning\nNo more false positives, no more false negatives\n\nhttp://secunia.com/vulnerability_scanning/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nDebian update for pdns-recursor\n\nSECUNIA ADVISORY ID:\nSA38158\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38158/\n\nDESCRIPTION:\nDebian has issued an update for pdns-recursor. This fixes some\nvulnerabilities, which can be exploited by malicious people to\nconduct spoofing attacks and potentially compromise a vulnerable\nsystem. \n\nFor more information:\nSA38004\n\nSOLUTION:\nReportedly, updated packages will be available soon. \n\nORIGINAL ADVISORY:\nDSA-1968-1:\nhttp://lists.debian.org/debian-security-announce/2010/msg00003.html\n\nOTHER REFERENCES:\nSA38004:\nhttp://secunia.com/advisories/38004/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4010"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "PACKETSTORM",
"id": "85167"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-4010",
"trust": 3.3
},
{
"db": "BID",
"id": "37653",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "38004",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "38068",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0054",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035",
"trust": 0.8
},
{
"db": "FEDORA",
"id": "FEDORA-2010-0209",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2010-0228",
"trust": 0.6
},
{
"db": "XF",
"id": "55439",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14304",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100106 CRITICAL POWERDNS RECURSOR SECURITY VULNERABILITIES: PLEASE UPGRADE ASAP TO 3.1.7.2",
"trust": 0.6
},
{
"db": "SECTRACK",
"id": "1023404",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2010-5502",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "38158",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85167",
"trust": 0.1
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4010"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "PACKETSTORM",
"id": "85167"
}
]
},
"id": "VAR-201001-0029",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
}
]
},
"last_update_date": "2021-12-18T17:56:06.278000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "PowerDNS Security Advisory 2010-02",
"trust": 0.8,
"url": "http://doc.powerdns.com/powerdns-advisory-2010-02.html"
},
{
"title": "PowerDNS Recursor Remote Cache Patch for Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/37391"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/37653"
},
{
"trust": 1.9,
"url": "http://doc.powerdns.com/powerdns-advisory-2010-02.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/38068"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2010/0054"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1023404"
},
{
"trust": 1.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=552285"
},
{
"trust": 1.6,
"url": "https://www.redhat.com/archives/fedora-package-announce/2010-january/msg00217.html"
},
{
"trust": 1.6,
"url": "https://www.redhat.com/archives/fedora-package-announce/2010-january/msg00228.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/38004"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55439"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/508743/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4010"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4010"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/55439"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/508743/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14304"
},
{
"trust": 0.3,
"url": "http://www.powerdns.com/"
},
{
"trust": 0.3,
"url": "/archive/1/508743"
},
{
"trust": 0.1,
"url": "http://lists.debian.org/debian-security-announce/2010/msg00003.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38004/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38158/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4010"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "PACKETSTORM",
"id": "85167"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-4010"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "PACKETSTORM",
"id": "85167"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-08T17:30:00",
"db": "NVD",
"id": "CVE-2009-4010"
},
{
"date": "2010-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"date": "2010-01-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"date": "2010-01-06T00:00:00",
"db": "BID",
"id": "37653"
},
{
"date": "2010-01-15T12:24:56",
"db": "PACKETSTORM",
"id": "85167"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T19:48:00",
"db": "NVD",
"id": "CVE-2009-4010"
},
{
"date": "2010-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"date": "2010-01-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"date": "2015-04-13T21:54:00",
"db": "BID",
"id": "37653"
},
{
"date": null,
"db": "PACKETSTORM",
"id": "85167"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "PowerDNS Recursor Remote cache poisoning vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "BID",
"id": "37653"
}
],
"trust": 1.5
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.