SB2010010601 - Fedora EPEL 5 update for pdns-recursor

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2010010601

SB2010010601 - Fedora EPEL 5 update for pdns-recursor

Published: January 6, 2010 Updated: June 28, 2025

Security Bulletin ID SB2010010601
Severity
High
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 50% Medium 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2009-4009)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.


2) Input validation error (CVE-ID: CVE-2009-4010)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.


Remediation

Install update from vendor's website.

References