var-201001-0677
Vulnerability from variot
Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones. PowerDNS Recursor is a high performance recursive name server. A remote attacker can trick PowerDNS Recursor into accepting malicious data. The server may incorrectly add records to its cache during parsing of recursive client queries. This is a case of cache poisoning. DNS cache poisoning refers to changing an item in the DNS cache of the DNS server so that the IP address associated with the host name in the cache no longer points to the correct location. For example, if www.example.com maps to the IP address 192.168.0.1 and the mapping exists in the DNS server's cache, an attacker who successfully poisons the server's DNS cache can map www.example.com to 10.0. 0.1. In this case, a user attempting to access www.example.com may contact the wrong web server. PowerDNS is prone to a remote cache-poisoning vulnerability. An attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site. Successful exploits will allow the attacker to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks. PowerDNS 3.1.7.1 and earlier are vulnerable. (Note that the etch version of pdns-recursor was not vulnerable to CVE-2009-4009.)
Extra care should be applied when installing this update. Major differences in internal domain name processing made backporting just the security fix too difficult.
For more information: SA38004
SOLUTION: Apply updated packages using the yum utility ("yum update pdns-recursor"). ----------------------------------------------------------------------
Accurate Vulnerability Scanning No more false positives, no more false negatives
http://secunia.com/vulnerability_scanning/
TITLE: PowerDNS Recursor Spoofing and Buffer Overflow Vulnerabilities
SECUNIA ADVISORY ID: SA38004
VERIFY ADVISORY: http://secunia.com/advisories/38004/
DESCRIPTION: Some vulnerabilities have been reported in PowerDNS Recursor, which can be exploited by malicious people to conduct spoofing attacks and potentially compromise a vulnerable system.
1) An unspecified error exists when handling certain specially crafted packets, which can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerabilities are reported in PowerDNS Recursor version 3.1.7.1 and prior. PowerDNS Authoritative ('pdns_server') is not affected.
SOLUTION: Update to version 3.1.7.2. http://www.powerdns.com/en/downloads.aspx
PROVIDED AND/OR DISCOVERED BY: The vendor credits anonymous third parties.
ORIGINAL ADVISORY: 1) http://doc.powerdns.com/powerdns-advisory-2010-01.html 2) http://doc.powerdns.com/powerdns-advisory-2010-02.html
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-33
http://security.gentoo.org/
Severity: High Title: PowerDNS Recursor: Multiple vulnerabilities Date: December 22, 2014 Bugs: #299942, #404377, #514946, #531992 ID: 201412-33
Synopsis
Multiple vulnerabilities have been found in PowerDNS Recursor, the worst of which may allow execution of arbitrary code.
Background
PowerDNS Recursor is a high-end, high-performance resolving name server
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/pdns-recursor < 3.6.1-r1 >= 3.6.1-r1
Description
Multiple vulnerabilities have been discovered in PowerDNS Recursor. Please review the CVE identifiers and PowerDNS blog post referenced below for details.
Impact
A remote attacker may be able to send specially crafted packets, possibly resulting in arbitrary code execution or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All PowerDNS Recursor users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-dns/pdns-recursor-3.6.1-r1"=
References
[ 1 ] CVE-2009-4009 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4009 [ 2 ] CVE-2009-4010 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4010 [ 3 ] CVE-2012-1193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1193 [ 4 ] CVE-2014-8601 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8601 [ 5 ] Related to recent DoS attacks: Recursor configuration file guidance
http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recurso= r-configuration-file-guidance/
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201412-33.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-1968-1 security@debian.org http://www.debian.org/security/ Florian Weimer January 08, 2010 http://www.debian.org/security/faq
Package : pdns-recursor Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-4009 CVE-2009-4010
It was discovered that pdns-recursor, the PowerDNS recursive name server, contains several vulnerabilities:
A buffer overflow can be exploited to crash the daemon, or potentially execute arbitrary code (CVE-2009-4009).
For the old stable distribution (etch), fixed packages will be provided soon.
For the stable distribution (lenny), these problems have been fixed in version 3.1.7-1+lenny1.
For the unstable distribution (sid), these problems have been fixed in version 3.1.7.2-1.
We recommend that you upgrade your pdns-recursor package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Source archives:
http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7.orig.tar.gz Size/MD5 checksum: 211760 38c58fef666685d6756da97baf9b4d51 http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.dsc Size/MD5 checksum: 1654 fff9beb43eec355ca42d93d53c1ce299 http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.diff.gz Size/MD5 checksum: 14769 8794fecd11f1b014592e2a36d40aaaf6
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_alpha.deb Size/MD5 checksum: 545726 dc05fab76c0fcb051b9a428cfa126061
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_amd64.deb Size/MD5 checksum: 440822 365fc4da2fd1770f8e62f1a3a0046231
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_i386.deb Size/MD5 checksum: 440686 ac26d27658892619ce539921796bce67
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_ia64.deb Size/MD5 checksum: 631308 f80c2d28ee6d9ebdbf6cad177c8fbddd
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_powerpc.deb Size/MD5 checksum: 463434 f0bba833d4231bb2237433373e888a12
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_s390.deb Size/MD5 checksum: 428138 994a5190fa0f73b49252bee0a695fb4d
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show
iQEcBAEBAgAGBQJLR6jtAAoJEL97/wQC1SS+RxkH/0esg7lQO3qDCRJw32DPNjI0 zlHI6Z6jvWyhYnitqfrzuXdgU18Nq5txdLvJlllQOtxVOnwXAaVOSHCELc0c4i2D DC0JLWGm43n6RBxEteJsx83xN5yucVg4c7KvSjDM2lHkcOnXL+Z6Qz93pFgoL9wF x6uBdBBV3+YqrvHvl8hV0fHQPyMYvE6x2sJ5eBm6bluXCPgNYviFtiCTx1HUUTBn csGvkDSX81vFe07AKWr41ZiC0p5vesyJC4V6ljB2l9UWPLGT1pKZSuByfdNYMgvV guGTqguJzcjaoQ8Cn619Rmqn513N8itRyIqb8gI9E+YmcizBIdLHDi4JSsD/ikA= =XCaJ -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201001-0677",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.7"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.7.1"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.0_rc1"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.5"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.4"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "3.1.6"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.18"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1.2"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.0.1"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.0"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1.1"
},
{
"model": "recursor",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1.3"
},
{
"model": "recursor",
"scope": "lte",
"trust": 1.0,
"vendor": "powerdns",
"version": "3.1.7.2"
},
{
"model": "recursor",
"scope": "lt",
"trust": 0.8,
"vendor": "powerdns",
"version": "3.1.7.2"
},
{
"model": "hat fedora",
"scope": "eq",
"trust": 0.6,
"vendor": "red",
"version": "16"
},
{
"model": "recursor",
"scope": "eq",
"trust": 0.6,
"vendor": "powerdns",
"version": "3.1.7.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.7.1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.7"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.6"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.5"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.4"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.3"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.2"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.0.1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.0"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "3.1.7.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:powerdns:recursor",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "bert hubert bert.hubert@netherlabs.nl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
}
],
"trust": 0.6
},
"cve": "CVE-2009-4010",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2009-4010",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2010-5502",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-4010",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-4010",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2010-5502",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201001-052",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones. PowerDNS Recursor is a high performance recursive name server. A remote attacker can trick PowerDNS Recursor into accepting malicious data. The server may incorrectly add records to its cache during parsing of recursive client queries. This is a case of cache poisoning. DNS cache poisoning refers to changing an item in the DNS cache of the DNS server so that the IP address associated with the host name in the cache no longer points to the correct location. For example, if www.example.com maps to the IP address 192.168.0.1 and the mapping exists in the DNS server\u0027s cache, an attacker who successfully poisons the server\u0027s DNS cache can map www.example.com to 10.0. 0.1. In this case, a user attempting to access www.example.com may contact the wrong web server. PowerDNS is prone to a remote cache-poisoning vulnerability. \nAn attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site. \nSuccessful exploits will allow the attacker to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks. \nPowerDNS 3.1.7.1 and earlier are vulnerable. (Note that the\netch version of pdns-recursor was not vulnerable to CVE-2009-4009.)\n\nExtra care should be applied when installing this update. Major differences in internal domain name processing made\nbackporting just the security fix too difficult. \n\nFor more information:\nSA38004\n\nSOLUTION:\nApply updated packages using the yum utility (\"yum update\npdns-recursor\"). ----------------------------------------------------------------------\n\n\n\nAccurate Vulnerability Scanning\nNo more false positives, no more false negatives\n\nhttp://secunia.com/vulnerability_scanning/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nPowerDNS Recursor Spoofing and Buffer Overflow Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA38004\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38004/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in PowerDNS Recursor, which\ncan be exploited by malicious people to conduct spoofing attacks and\npotentially compromise a vulnerable system. \n\n1) An unspecified error exists when handling certain specially\ncrafted packets, which can be exploited to cause a buffer overflow. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerabilities are reported in PowerDNS Recursor version 3.1.7.1\nand prior. PowerDNS Authoritative (\u0027pdns_server\u0027) is not affected. \n\nSOLUTION:\nUpdate to version 3.1.7.2. \nhttp://www.powerdns.com/en/downloads.aspx\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits anonymous third parties. \n\nORIGINAL ADVISORY:\n1) http://doc.powerdns.com/powerdns-advisory-2010-01.html\n2) http://doc.powerdns.com/powerdns-advisory-2010-02.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201412-33\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: PowerDNS Recursor: Multiple vulnerabilities\n Date: December 22, 2014\n Bugs: #299942, #404377, #514946, #531992\n ID: 201412-33\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PowerDNS Recursor, the\nworst of which may allow execution of arbitrary code. \n\nBackground\n==========\n\nPowerDNS Recursor is a high-end, high-performance resolving name server\n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/pdns-recursor \u003c 3.6.1-r1 \u003e= 3.6.1-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in PowerDNS Recursor. \nPlease review the CVE identifiers and PowerDNS blog post referenced\nbelow for details. \n\nImpact\n======\n\nA remote attacker may be able to send specially crafted packets,\npossibly resulting in arbitrary code execution or a Denial of Service\ncondition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PowerDNS Recursor users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-dns/pdns-recursor-3.6.1-r1\"=\n\n\nReferences\n==========\n\n[ 1 ] CVE-2009-4009\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4009\n[ 2 ] CVE-2009-4010\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4010\n[ 3 ] CVE-2012-1193\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1193\n[ 4 ] CVE-2014-8601\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8601\n[ 5 ] Related to recent DoS attacks: Recursor configuration file\n guidance\n\nhttp://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recurso=\nr-configuration-file-guidance/\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201412-33.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1968-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJanuary 08, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : pdns-recursor\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-4009 CVE-2009-4010\n\nIt was discovered that pdns-recursor, the PowerDNS recursive name\nserver, contains several vulnerabilities:\n\nA buffer overflow can be exploited to crash the daemon, or potentially\nexecute arbitrary code (CVE-2009-4009). \n\nFor the old stable distribution (etch), fixed packages will be\nprovided soon. \n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 3.1.7-1+lenny1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.7.2-1. \n\nWe recommend that you upgrade your pdns-recursor package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7.orig.tar.gz\n Size/MD5 checksum: 211760 38c58fef666685d6756da97baf9b4d51\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.dsc\n Size/MD5 checksum: 1654 fff9beb43eec355ca42d93d53c1ce299\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.diff.gz\n Size/MD5 checksum: 14769 8794fecd11f1b014592e2a36d40aaaf6\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_alpha.deb\n Size/MD5 checksum: 545726 dc05fab76c0fcb051b9a428cfa126061\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_amd64.deb\n Size/MD5 checksum: 440822 365fc4da2fd1770f8e62f1a3a0046231\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_i386.deb\n Size/MD5 checksum: 440686 ac26d27658892619ce539921796bce67\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_ia64.deb\n Size/MD5 checksum: 631308 f80c2d28ee6d9ebdbf6cad177c8fbddd\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_powerpc.deb\n Size/MD5 checksum: 463434 f0bba833d4231bb2237433373e888a12\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_s390.deb\n Size/MD5 checksum: 428138 994a5190fa0f73b49252bee0a695fb4d\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niQEcBAEBAgAGBQJLR6jtAAoJEL97/wQC1SS+RxkH/0esg7lQO3qDCRJw32DPNjI0\nzlHI6Z6jvWyhYnitqfrzuXdgU18Nq5txdLvJlllQOtxVOnwXAaVOSHCELc0c4i2D\nDC0JLWGm43n6RBxEteJsx83xN5yucVg4c7KvSjDM2lHkcOnXL+Z6Qz93pFgoL9wF\nx6uBdBBV3+YqrvHvl8hV0fHQPyMYvE6x2sJ5eBm6bluXCPgNYviFtiCTx1HUUTBn\ncsGvkDSX81vFe07AKWr41ZiC0p5vesyJC4V6ljB2l9UWPLGT1pKZSuByfdNYMgvV\nguGTqguJzcjaoQ8Cn619Rmqn513N8itRyIqb8gI9E+YmcizBIdLHDi4JSsD/ikA=\n=XCaJ\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4010"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "PACKETSTORM",
"id": "85750"
},
{
"db": "PACKETSTORM",
"id": "85262"
},
{
"db": "PACKETSTORM",
"id": "85277"
},
{
"db": "PACKETSTORM",
"id": "129691"
},
{
"db": "PACKETSTORM",
"id": "84957"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-4010",
"trust": 3.6
},
{
"db": "BID",
"id": "37653",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "38068",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "38004",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1023404",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2010-0054",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2010-5502",
"trust": 0.6
},
{
"db": "XF",
"id": "55439",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "14304",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2010-0209",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2010-0228",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100106 CRITICAL POWERDNS RECURSOR SECURITY VULNERABILITIES: PLEASE UPGRADE ASAP TO 3.1.7.2",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "85750",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85262",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "85277",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "129691",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84957",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "PACKETSTORM",
"id": "85750"
},
{
"db": "PACKETSTORM",
"id": "85262"
},
{
"db": "PACKETSTORM",
"id": "85277"
},
{
"db": "PACKETSTORM",
"id": "129691"
},
{
"db": "PACKETSTORM",
"id": "84957"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"id": "VAR-201001-0677",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
}
]
},
"last_update_date": "2024-11-23T21:02:58.576000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "PowerDNS Security Advisory 2010-02",
"trust": 0.8,
"url": "http://doc.powerdns.com/powerdns-advisory-2010-02.html"
},
{
"title": "PowerDNS Recursor Remote Cache Patch for Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/37391"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/37653"
},
{
"trust": 2.0,
"url": "http://doc.powerdns.com/powerdns-advisory-2010-02.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2010-january/msg00228.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2010-january/msg00217.html"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2010/0054"
},
{
"trust": 1.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=552285"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1023404"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/38068"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/38004"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55439"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/508743/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4010"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4010"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/55439"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/508743/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/14304"
},
{
"trust": 0.3,
"url": "http://www.powerdns.com/"
},
{
"trust": 0.3,
"url": "/archive/1/508743"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4010"
},
{
"trust": 0.2,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.2,
"url": "http://security.debian.org/"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.2,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/38004/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4009"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.4+v3.1.7-0+etch1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38068/"
},
{
"trust": 0.1,
"url": "http://doc.powerdns.com/powerdns-advisory-2010-01.html"
},
{
"trust": 0.1,
"url": "http://www.powerdns.com/en/downloads.aspx"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4009"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1193"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-201412-33.xml"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1193"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-8601"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://blog.powerdns.com/2014/02/06/related-to-recent-dos-attacks-recurso="
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8601"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.dsc"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1.diff.gz"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/p/pdns-recursor/pdns-recursor_3.1.7-1+lenny1_i386.deb"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "PACKETSTORM",
"id": "85750"
},
{
"db": "PACKETSTORM",
"id": "85262"
},
{
"db": "PACKETSTORM",
"id": "85277"
},
{
"db": "PACKETSTORM",
"id": "129691"
},
{
"db": "PACKETSTORM",
"id": "84957"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"db": "PACKETSTORM",
"id": "85750"
},
{
"db": "PACKETSTORM",
"id": "85262"
},
{
"db": "PACKETSTORM",
"id": "85277"
},
{
"db": "PACKETSTORM",
"id": "129691"
},
{
"db": "PACKETSTORM",
"id": "84957"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"date": "2010-01-06T00:00:00",
"db": "BID",
"id": "37653"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"date": "2010-01-29T23:33:09",
"db": "PACKETSTORM",
"id": "85750"
},
{
"date": "2010-01-17T12:52:23",
"db": "PACKETSTORM",
"id": "85262"
},
{
"date": "2010-01-17T15:18:58",
"db": "PACKETSTORM",
"id": "85277"
},
{
"date": "2014-12-23T15:40:47",
"db": "PACKETSTORM",
"id": "129691"
},
{
"date": "2010-01-09T01:45:26",
"db": "PACKETSTORM",
"id": "84957"
},
{
"date": "2010-01-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"date": "2010-01-08T17:30:02.287000",
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-01-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"date": "2015-04-13T21:54:00",
"db": "BID",
"id": "37653"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005035"
},
{
"date": "2010-01-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201001-052"
},
{
"date": "2024-11-21T01:08:43.723000",
"db": "NVD",
"id": "CVE-2009-4010"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "PowerDNS Recursor Remote Cache Poisoning Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-5502"
},
{
"db": "BID",
"id": "37653"
},
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
}
],
"trust": 1.5
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201001-052"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.