ID

VAR-201001-0029


CVE

CVE-2009-4010


TITLE

PowerDNS Recursor Remote cache poisoning vulnerability

Trust: 1.5

sources: CNNVD: CNNVD-201001-052 // CNVD: CNVD-2010-5502 // BID: 37653

DESCRIPTION

Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones. PowerDNS Recursor is a high performance recursive name server. A remote attacker can trick PowerDNS Recursor into accepting malicious data. The server may incorrectly add records to its cache during parsing of recursive client queries. This is a case of cache poisoning. DNS cache poisoning refers to changing an item in the DNS cache of the DNS server so that the IP address associated with the host name in the cache no longer points to the correct location. For example, if www.example.com maps to the IP address 192.168.0.1 and the mapping exists in the DNS server's cache, an attacker who successfully poisons the server's DNS cache can map www.example.com to 10.0. 0.1. In this case, a user attempting to access www.example.com may contact the wrong web server. PowerDNS is prone to a remote cache-poisoning vulnerability. An attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site. Successful exploits will allow the attacker to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks. PowerDNS 3.1.7.1 and earlier are vulnerable. ---------------------------------------------------------------------- Accurate Vulnerability Scanning No more false positives, no more false negatives http://secunia.com/vulnerability_scanning/ ---------------------------------------------------------------------- TITLE: Debian update for pdns-recursor SECUNIA ADVISORY ID: SA38158 VERIFY ADVISORY: http://secunia.com/advisories/38158/ DESCRIPTION: Debian has issued an update for pdns-recursor. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks and potentially compromise a vulnerable system. For more information: SA38004 SOLUTION: Reportedly, updated packages will be available soon. ORIGINAL ADVISORY: DSA-1968-1: http://lists.debian.org/debian-security-announce/2010/msg00003.html OTHER REFERENCES: SA38004: http://secunia.com/advisories/38004/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.52

sources: NVD: CVE-2009-4010 // JVNDB: JVNDB-2010-005035 // CNVD: CNVD-2010-5502 // BID: 37653 // PACKETSTORM: 85167

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2010-5502

AFFECTED PRODUCTS

vendor:powerdnsmodel:recursorscope:eqversion:3.1.7.1

Trust: 1.6

vendor:powerdnsmodel:recursorscope:eqversion:2.9.15

Trust: 1.6

vendor:powerdnsmodel:recursorscope:eqversion:3.1.6

Trust: 1.6

vendor:powerdnsmodel:recursorscope:eqversion:3.1.4

Trust: 1.6

vendor:powerdnsmodel:recursorscope:eqversion:3.1.5

Trust: 1.6

vendor:powerdnsmodel:recursorscope:eqversion:3.1.7

Trust: 1.6

vendor:powerdnsmodel:recursorscope:eqversion:2.0_rc1

Trust: 1.6

vendor:powerdnsmodel:recursorscope:eqversion:2.8

Trust: 1.6

vendor:powerdnsmodel:recursorscope:eqversion:2.9.17

Trust: 1.6

vendor:powerdnsmodel:recursorscope:eqversion:3.1

Trust: 1.0

vendor:powerdnsmodel:recursorscope:eqversion:3.0

Trust: 1.0

vendor:powerdnsmodel:recursorscope:eqversion:3.1.1

Trust: 1.0

vendor:powerdnsmodel:recursorscope:eqversion:2.9.18

Trust: 1.0

vendor:powerdnsmodel:recursorscope:lteversion:3.1.7.2

Trust: 1.0

vendor:powerdnsmodel:recursorscope:eqversion:2.9.16

Trust: 1.0

vendor:powerdnsmodel:recursorscope:eqversion:3.1.3

Trust: 1.0

vendor:powerdnsmodel:recursorscope:eqversion:3.1.2

Trust: 1.0

vendor:powerdnsmodel:recursorscope:eqversion:3.0.1

Trust: 1.0

vendor:powerdnsmodel:recursorscope:ltversion:3.1.7.2

Trust: 0.8

vendor:powerdnsmodel:recursorscope:eqversion:3.1.7.2

Trust: 0.6

vendor:redmodel:hat fedorascope:eqversion:16

Trust: 0.6

vendor:s u s emodel:opensusescope:eqversion:11.2

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.1

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.0

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.1.7.1

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.1.7

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.1.6

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.1.5

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.1.4

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.1.3

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.1.2

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.1.1

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.0.1

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.0

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:eqversion:3.1

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux mipselscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux m68kscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux hppascope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux armelscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux alphascope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linuxscope:eqversion:5.0

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux mipselscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux m68kscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux hppascope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux armelscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linux alphascope:eqversion:4.0

Trust: 0.3

vendor:debianmodel:linuxscope:eqversion:4.0

Trust: 0.3

vendor:powerdnsmodel:powerdnsscope:neversion:3.1.7.2

Trust: 0.3

sources: NVD: CVE-2009-4010 // CNNVD: CNNVD-201001-052 // CNVD: CNVD-2010-5502 // JVNDB: JVNDB-2010-005035 // BID: 37653

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2009-4010
value: HIGH

Trust: 1.8

CNNVD: CNNVD-201001-052
value: HIGH

Trust: 0.6

CNVD: CNVD-2010-5502
value: HIGH

Trust: 0.6

NVD: CVE-2009-4010
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: TRUE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.8

CNVD: CNVD-2010-5502
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: NVD: CVE-2009-4010 // CNNVD: CNNVD-201001-052 // CNVD: CNVD-2010-5502 // JVNDB: JVNDB-2010-005035

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2009-4010

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201001-052

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201001-052

CONFIGURATIONS

sources: NVD: CVE-2009-4010

PATCH

title:PowerDNS Security Advisory 2010-02url:http://doc.powerdns.com/powerdns-advisory-2010-02.html

Trust: 0.8

title:PowerDNS Recursor Remote Cache Patch for Vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/37391

Trust: 0.6

sources: CNVD: CNVD-2010-5502 // JVNDB: JVNDB-2010-005035

EXTERNAL IDS

db:NVDid:CVE-2009-4010

Trust: 3.3

db:BIDid:37653

Trust: 2.5

db:SECUNIAid:38004

Trust: 1.7

db:SECUNIAid:38068

Trust: 1.6

db:VUPENid:ADV-2010-0054

Trust: 1.6

db:JVNDBid:JVNDB-2010-005035

Trust: 0.8

db:FEDORAid:FEDORA-2010-0209

Trust: 0.6

db:FEDORAid:FEDORA-2010-0228

Trust: 0.6

db:XFid:55439

Trust: 0.6

db:NSFOCUSid:14304

Trust: 0.6

db:BUGTRAQid:20100106 CRITICAL POWERDNS RECURSOR SECURITY VULNERABILITIES: PLEASE UPGRADE ASAP TO 3.1.7.2

Trust: 0.6

db:SECTRACKid:1023404

Trust: 0.6

db:CNNVDid:CNNVD-201001-052

Trust: 0.6

db:CNVDid:CNVD-2010-5502

Trust: 0.6

db:SECUNIAid:38158

Trust: 0.1

db:PACKETSTORMid:85167

Trust: 0.1

sources: NVD: CVE-2009-4010 // CNNVD: CNNVD-201001-052 // CNVD: CNVD-2010-5502 // JVNDB: JVNDB-2010-005035 // BID: 37653 // PACKETSTORM: 85167

REFERENCES

url:http://www.securityfocus.com/bid/37653

Trust: 2.2

url:http://doc.powerdns.com/powerdns-advisory-2010-02.html

Trust: 1.9

url:http://secunia.com/advisories/38068

Trust: 1.6

url:http://www.vupen.com/english/advisories/2010/0054

Trust: 1.6

url:http://securitytracker.com/id?1023404

Trust: 1.6

url:https://bugzilla.redhat.com/show_bug.cgi?id=552285

Trust: 1.6

url:https://www.redhat.com/archives/fedora-package-announce/2010-january/msg00217.html

Trust: 1.6

url:https://www.redhat.com/archives/fedora-package-announce/2010-january/msg00228.html

Trust: 1.6

url:http://secunia.com/advisories/38004

Trust: 1.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/55439

Trust: 1.0

url:http://www.securityfocus.com/archive/1/508743/100/0/threaded

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4010

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4010

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/55439

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/508743/100/0/threaded

Trust: 0.6

url:http://www.nsfocus.net/vulndb/14304

Trust: 0.6

url:http://www.powerdns.com/

Trust: 0.3

url:/archive/1/508743

Trust: 0.3

url:http://lists.debian.org/debian-security-announce/2010/msg00003.html

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/38004/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/

Trust: 0.1

url:http://secunia.com/advisories/38158/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: NVD: CVE-2009-4010 // CNNVD: CNNVD-201001-052 // CNVD: CNVD-2010-5502 // JVNDB: JVNDB-2010-005035 // BID: 37653 // PACKETSTORM: 85167

CREDITS

bert hubert bert.hubert@netherlabs.nl

Trust: 0.6

sources: CNNVD: CNNVD-201001-052

SOURCES

db:NVDid:CVE-2009-4010
db:CNNVDid:CNNVD-201001-052
db:CNVDid:CNVD-2010-5502
db:JVNDBid:JVNDB-2010-005035
db:BIDid:37653
db:PACKETSTORMid:85167

LAST UPDATE DATE

2021-12-18T17:56:06.278000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2009-4010date:2018-10-10T19:48:00
db:CNNVDid:CNNVD-201001-052date:2010-01-11T00:00:00
db:CNVDid:CNVD-2010-5502date:2010-01-08T00:00:00
db:JVNDBid:JVNDB-2010-005035date:2012-12-20T00:00:00
db:BIDid:37653date:2015-04-13T21:54:00
db:PACKETSTORMid:85167date: -

SOURCES RELEASE DATE

db:NVDid:CVE-2009-4010date:2010-01-08T17:30:00
db:CNNVDid:CNNVD-201001-052date:2010-01-08T00:00:00
db:CNVDid:CNVD-2010-5502date:2010-01-08T00:00:00
db:JVNDBid:JVNDB-2010-005035date:2012-12-20T00:00:00
db:BIDid:37653date:2010-01-06T00:00:00
db:PACKETSTORMid:85167date:2010-01-15T12:24:56