CVE-2009-4009
published 2010-01-08
Priority P352 · critical · 10 · CVSS 2.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS 17.57% (96.8th percentile)
Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pdns-recursor | < pdns-recursor 3.1.7.2-1 (bookworm) | pdns-recursor 3.1.7.2-1 (bookworm) |
| powerdns | recursor | <= 3.1.7.2 | — |
| powerdns | recursor | — | — |
CVSS provenance
nvd · v2.0 · 10.0 · CRITICAL · AV:N/AC:L/Au:N/C:C/I:C/A:C
osv · 10.0 · CRITICAL
vendor_debian · 10.0 · HIGH
GHSA
GHSA-x753-v6ch-rpgq: Buffer overflow in PowerDNS Recursor before 3
ghsa_unreviewed·2022-05-02
CVE-2009-4009 [HIGH] CWE-119 GHSA-x753-v6ch-rpgq: Buffer overflow in PowerDNS Recursor before 3
OSV
CVE-2009-4009: Buffer overflow in PowerDNS Recursor before 3
osv·2010-01-08·CVSS 10.0
CVE-2009-4009 [CRITICAL] CVE-2009-4009: Buffer overflow in PowerDNS Recursor before 3
Debian
CVE-2009-4009: pdns-recursor - Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to c...
vendor_debian·2009·CVSS 10.0
CVE-2009-4009 [CRITICAL] CVE-2009-4009: pdns-recursor - Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to c...
Scope: local
bookworm: resolved (fixed in 3.1.7.2-1)
bullseye: resolved (fixed in 3.1.7.2-1)
forky: resolved (fixed in 3.1.7.2-1)
sid: resolved (fixed in 3.1.7.2-1)
trixie: resolved (fixed in 3.1.7.2-1)
No detection rules found.
No public exploits indexed.
http://doc.powerdns.com/powerdns-advisory-2010-01.html
http://secunia.com/advisories/38004
http://secunia.com/advisories/38068
http://securitytracker.com/id?1023403
http://www.securityfocus.com/archive/1/508743/100/0/threaded
http://www.securityfocus.com/bid/37650
http://www.vupen.com/english/advisories/2010/0054
https://bugzilla.redhat.com/show_bug.cgi?id=552285
https://exchange.xforce.ibmcloud.com/vulnerabilities/55438
https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00217.html
https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.html
Published 2010-01-08