Vulnerabilities > CVE-2009-4010 - Unspecified vulnerability in Powerdns Recursor

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
powerdns
nessus

Summary

Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.

Nessus

  • NASL familyDNS
    NASL idPOWERDNS_RECURSOR_3_1_7_2.NASL
    descriptionAccording to its self-reported version number, the version of the PowerDNS Recursor listening on the remote host is version 3.x prior to 3.1.7.2. It is, therefore, affected by multiple vulnerabilities : - A buffer overflow condition exists that allows a remote attacker, via crafted packets, to cause a daemon crash, resulting in a denial of service condition. (CVE-2009-4009) - An unspecified flaw exists that allows a remote attacker to spoof DNS data via crafted zones. (CVE-2009-4010) Note that Nessus has not attempted to exploit these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id87950
    published2016-01-15
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87950
    titlePowerDNS Recursor 3.x < 3.1.7.2 Multiple Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_PDNS-RECURSOR-100209.NASL
    descriptionThis update of pdns-rucursor improves the packet parsing code to fix a possible DNS spoofing vulnerability (CVE-2009-4010) and a remote buffer overflow that could give the ability to execute arbitrary code (CVE-2009-4009).
    last seen2020-06-01
    modified2020-06-02
    plugin id44610
    published2010-02-15
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44610
    titleopenSUSE Security Update : pdns-recursor (pdns-recursor-1945)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_DD8F2394FD0811DEB42500215C6A37BB.NASL
    descriptionPowerDNS Security Advisory reports : PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited. PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data
    last seen2020-06-01
    modified2020-06-02
    plugin id43847
    published2010-01-11
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43847
    titleFreeBSD : powerdns-recursor -- multiple vulnerabilities (dd8f2394-fd08-11de-b425-00215c6a37bb)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201412-33.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201412-33 (PowerDNS Recursor: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PowerDNS Recursor. Please review the CVE identifiers and PowerDNS blog post referenced below for details. Impact : A remote attacker may be able to send specially crafted packets, possibly resulting in arbitrary code execution or a Denial of Service condition. Furthermore, a remote attacker may be able to spoof DNS data. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id80210
    published2014-12-23
    reporterThis script is Copyright (C) 2014-2017 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80210
    titleGLSA-201412-33 : PowerDNS Recursor: Multiple vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_2_PDNS-RECURSOR-100209.NASL
    descriptionThis update of pdns-rucursor improves the packet parsing code to fix a possible DNS spoofing vulnerability (CVE-2009-4010) and a remote buffer overflow that could give the ability to execute arbitrary code (CVE-2009-4009).
    last seen2020-06-01
    modified2020-06-02
    plugin id44619
    published2010-02-15
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44619
    titleopenSUSE Security Update : pdns-recursor (pdns-recursor-1945)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-0228.NASL
    descriptionUpdate to upstream version 3.1.7.2. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44888
    published2010-02-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44888
    titleFedora 12 : pdns-recursor-3.1.7.2-1.fc12 (2010-0228)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2010-0209.NASL
    descriptionUpdate to upstream version 3.1.7.2. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id44885
    published2010-02-25
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44885
    titleFedora 11 : pdns-recursor-3.1.7.2-1.fc11 (2010-0209)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1968.NASL
    descriptionIt was discovered that pdns-recursor, the PowerDNS recursive name server, contains several vulnerabilities : - CVE-2009-4009 A buffer overflow can be exploited to crash the daemon, or potentially execute arbitrary code. - CVE-2009-4010 A cache poisoning vulnerability may allow attackers to trick the server into serving incorrect DNS data.
    last seen2020-06-01
    modified2020-06-02
    plugin id44833
    published2010-02-24
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/44833
    titleDebian DSA-1968-1 : pdns-recursor - several vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_PDNS-RECURSOR-100209.NASL
    descriptionThis update of pdns-rucursor improves the packet parsing code to fix a possible DNS spoofing vulnerability (CVE-2009-4010) and a remote buffer overflow that could give the ability to execute arbitrary code (CVE-2009-4009).
    last seen2020-06-01
    modified2020-06-02
    plugin id44615
    published2010-02-15
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/44615
    titleopenSUSE Security Update : pdns-recursor (pdns-recursor-1945)