CVE-2009-4009: Buffer Overflow
First published: Mon Jan 04 2010(Updated: )
<a href="https://access.redhat.com/security/cve/CVE-2009-4009">CVE-2009-4009</a>, <a href="https://access.redhat.com/security/cve/CVE-2009-4010">CVE-2009-4010</a> <span class="quote">> This Wednesday the release of the PowerDNS Recursor 3.1.7.2 will be made > public, which fixes two important security issues, one of which is remotely > exploitable. > > Given the critical nature of these vulnerabilities, we are trying to keep > details confidential for a few more days. > > Summary > ------- > The short version: please contact me off-list if you distribute the PowerDNS > Recursor (any version), and if you want to gain early access to version > 3.1.7.2 and associated release notes. > > Details > ------- > The two security issues have been discovered by two parties which we cannot > yet publicly mention or thank, but they deserve full credit and gratitude > for their discoveries. > > Two CVE numbers have been requested, they will be communicated ASAP. > > One issue is remotely exploitable, and there are no configuration > countermeasures. The other allows a (skilled) attacker to spoof domain data > for domain names he does not own. > > The first issue is at least a DoS, but in all likelihood can be expanded > into a full compromise ('rooted'). > > The release that will be made public is already available for distributors. > Other good news is that it is already serving over a million ISP customers, > with no apparent problems. > > Contact me off-list for quick access to the new PowerDNS Recursor code, > patch & release notes. > > If you need any kind of assistance in doing a smooth upgrade, also do not > hesitate to contact me.</span>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/3.1.7.2 | <1.el5 | 1.el5 |
| PowerDNS | =3.1.7 | |
| PowerDNS | =3.1 | |
| PowerDNS | =2.9.18 | |
| PowerDNS | =2.0_rc1 | |
| PowerDNS | =3.1.2 | |
| PowerDNS | =3.0 | |
| PowerDNS | =2.9.15 | |
| PowerDNS | =3.1.5 | |
| PowerDNS | =3.1.1 | |
| PowerDNS | =3.0.1 | |
| PowerDNS | <=3.1.7.2 | |
| PowerDNS | =2.9.17 | |
| PowerDNS | =3.1.7.1 | |
| PowerDNS | =2.8 | |
| PowerDNS | =3.1.3 | |
| PowerDNS | =2.9.16 | |
| PowerDNS | =3.1.4 | |
| PowerDNS | =3.1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.vupen.com/english/advisories/2010/0054
- http://secunia.com/advisories/38004
- https://bugzilla.redhat.com/show_bug.cgi?id=552285
- https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.html
- http://secunia.com/advisories/38068
- http://doc.powerdns.com/powerdns-advisory-2010-01.html
- http://www.securityfocus.com/bid/37650
- https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00217.html
- http://securitytracker.com/id?1023403
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55438
- http://www.securityfocus.com/archive/1/508743/100/0/threaded
- https://access.redhat.com/security/cve/CVE-2009-4009
- https://access.redhat.com/security/cve/CVE-2009-4010
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=552285#c1
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=552285#c2
- http://doc.powerdns.com/powerdns-advisory-2010-02.html
Frequently Asked Questions
What is the severity of CVE-2009-4009?
CVE-2009-4009 is classified as a critical vulnerability that can lead to remote code execution.
How do I fix CVE-2009-4009?
To remedy CVE-2009-4009, upgrade to PowerDNS Recursor version 3.1.7.2 or later.
What versions of PowerDNS are affected by CVE-2009-4009?
PowerDNS Recursor versions up to 3.1.7.1 are affected by CVE-2009-4009.
Is CVE-2009-4009 related to other vulnerabilities?
Yes, CVE-2009-4009 is associated with CVE-2009-4010 as part of a security release.
What is the impact of CVE-2009-4009 if exploited?
Exploitation of CVE-2009-4009 can allow an attacker to execute arbitrary code on the affected system.
- agent/first-publish-date
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/event
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-4009
- agent/software-canonical-lookup
- agent/trending
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/redhat
- vendor/powerdns
- canonical/powerdns
- version/powerdns/3.1.7
- version/powerdns/3.1
- version/powerdns/2.9.18
- version/powerdns/2.0_rc1
- version/powerdns/3.1.2
- version/powerdns/3.0
- version/powerdns/2.9.15
- version/powerdns/3.1.5
- version/powerdns/3.1.1
- version/powerdns/3.0.1
- version/powerdns/3.1.7.2
- version/powerdns/2.9.17
- version/powerdns/3.1.7.1
- version/powerdns/2.8
- version/powerdns/3.1.3
- version/powerdns/2.9.16
- version/powerdns/3.1.4
- version/powerdns/3.1.6