CVE-2009-4009Improper Restriction of Operations within the Bounds of a Memory Buffer in Recursor

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents6 sources
Severity
10.0CRITICALNVD
EPSS
0.0%
top 89.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Powerdns Recursor
Timeline
PublishedJan 8
Latest updateMay 2

Description

Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDpowerdns/recursor3.1.7.2+17

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

3
GHSA
GHSA-x753-v6ch-rpgq: Buffer overflow in PowerDNS Recursor before 32022-05-02
OSV
CVE-2009-4009: Buffer overflow in PowerDNS Recursor before 32010-01-08
CVEList
CVE-2009-4009: Buffer overflow in PowerDNS Recursor before 32010-01-08

📋Vendor Advisories

1
Debian
CVE-2009-4009: pdns-recursor - Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to c...2009

💬Community

1
Bugzilla
CVE-2009-4009 CVE-2009-4010 PowerDNS Recursor: code execution and domain spoofing flaws2010-01-04
CVE-2009-4009 — Powerdns Recursor vulnerability | cvebase