Vulnerabilities > CVE-2012-0206 - Resource Management Errors vulnerability in Powerdns Authoritative Server 2.9.22/3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Common Weakness Enumeration (CWE)
Nessus
NASL family DNS NASL id POWERDNS_3_0_1.NASL description According to its self-reported version number, the version of the PowerDNS service listening on the remote host is prior to 2.9.22.5 or 3.0.1. It is, therefore, affected by a denial of service vulnerability due to improper handling of response packets. A remote attacker can exploit this, via a specially crafted packet, to tagger an infinite packet response loop, resulting in a denial of service condition. Note that Nessus has not attempted to exploit this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 57573 published 2012-01-17 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57573 title PowerDNS Authoritative Server < 2.9.22.5 / 3.0.1 Response Packet Parsing DoS NASL family Fedora Local Security Checks NASL id FEDORA_2012-0263.NASL description This update fixes : - Bug #772581 - PowerDNS DoS Vulnerability Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-01-19 plugin id 57590 published 2012-01-19 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57590 title Fedora 16 : pdns-3.0.1-1.fc16 (2012-0263) NASL family Fedora Local Security Checks NASL id FEDORA_2012-1207.NASL description Upstream released new version. Fixes crash introduced in 2.9.22.5 CVE-2012-0206 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-02-13 plugin id 57901 published 2012-02-13 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57901 title Fedora 15 : pdns-2.9.22.6-1.fc15 (2012-1207) NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-85.NASL description specially crafted request could lead to denial of service last seen 2020-06-05 modified 2014-06-13 plugin id 74847 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/74847 title openSUSE Security Update : pdns (openSUSE-2012-85) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_3338F87C3D5F11E1A00A000C6EB41CF7.NASL description The PowerDNS Team reports : Using well crafted UDP packets, one or more PowerDNS servers could be made to enter a tight packet loop, causing temporary denial of service. last seen 2020-06-01 modified 2020-06-02 plugin id 57529 published 2012-01-13 reporter This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57529 title FreeBSD : PowerDNS -- Denial of Service Vulnerability (3338f87c-3d5f-11e1-a00a-000c6eb41cf7) NASL family SuSE Local Security Checks NASL id SUSE_11_4_PDNS-120203.NASL description This update of PowerDNS fixes a Denial of Service flaw which could be exploited by remote attackers via specially crafted DNS queries (CVE-2012-0206). last seen 2020-06-05 modified 2014-06-13 plugin id 75992 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75992 title openSUSE Security Update : pdns (openSUSE-SU-2012:0200-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201202-04.NASL description The remote host is affected by the vulnerability described in GLSA-201202-04 (PowerDNS: Denial of Service) A vulnerability has been found in PowerDNS which could cause a packet loop of DNS responses. Impact : A remote attacker could send specially crafted DNS response packets, possibly resulting in a Denial of Service condition. Workaround : PowerDNS users can set last seen 2020-06-01 modified 2020-06-02 plugin id 58100 published 2012-02-23 reporter This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58100 title GLSA-201202-04 : PowerDNS: Denial of Service NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2385.NASL description Ray Morris discovered that the PowerDNS authoritative server responds to response packets. An attacker who can spoof the source address of IP packets can cause an endless packet loop between a PowerDNS authoritative server and another DNS server, leading to a denial of service. last seen 2020-03-17 modified 2012-01-12 plugin id 57525 published 2012-01-12 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/57525 title Debian DSA-2385-1 : pdns - packet loop