PowerDNS multiple security vulnerabilities
Published:		07.01.2010
Source:		BUGTRAQ
SecurityVulns ID:		10503
Type:		remote
Level:		7/10
Description:		Buffer overflow, records spoofing.

Affected:		POWERDNS : PowerDNS Recursor 3.1
CVE:		CVE-2009-4010 (Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.)
		CVE-2009-4009 (Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.)

Original document		POWERDNS, PowerDNS Security Advisory 2010-02: PowerDNS Recursor up to and including 3.1.7.1 can be spoofed into accepting bogus data (07.01.2010)
		POWERDNS, PowerDNS Security Advisory 2010-01: PowerDNS Recursor up to and including 3.1.7.1 can be brought down and probably exploited (07.01.2010)
		bert.hubert_(at)_netherlabs.nl, Critical PowerDNS Recursor Security Vulnerabilities: please upgrade ASAP to 3.1.7.2 (07.01.2010)

Discuss:

Read or add your comments to this news (0 comments)