CVE-2009-4010
published 2010-01-08CVE-2009-4010: Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.
PriorityP343high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
10.26%
95.1th percentile
Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pdns-recursor | < pdns-recursor 3.1.7.2-1 (bookworm) | pdns-recursor 3.1.7.2-1 (bookworm) |
| powerdns | recursor | <= 3.1.7.2 | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2009-4010: pdns-recursor - Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote atta...
vendor_debian·2009·CVSS 7.5
CVE-2009-4010 [HIGH] CVE-2009-4010: pdns-recursor - Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote atta...
Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.
Scope: local
bookworm: resolved (fixed in 3.1.7.2-1)
bullseye: resolved (fixed in 3.1.7.2-1)
forky: resolved (fixed in 3.1.7.2-1)
sid: resolved (fixed in 3.1.7.2-1)
trixie: resolved (fixed in 3.1.7.2-1)
GHSA
GHSA-8jqr-w4hv-9rxh: Unspecified vulnerability in PowerDNS Recursor before 3
ghsa_unreviewed·2022-05-02
CVE-2009-4010 [HIGH] GHSA-8jqr-w4hv-9rxh: Unspecified vulnerability in PowerDNS Recursor before 3
Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.
OSV
CVE-2009-4010: Unspecified vulnerability in PowerDNS Recursor before 3
osv·2010-01-08·CVSS 7.5
CVE-2009-4010 [HIGH] CVE-2009-4010: Unspecified vulnerability in PowerDNS Recursor before 3
Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.
No detection rules found.
No public exploits indexed.
http://doc.powerdns.com/powerdns-advisory-2010-02.htmlhttp://secunia.com/advisories/38004http://secunia.com/advisories/38068http://securitytracker.com/id?1023404http://www.securityfocus.com/archive/1/508743/100/0/threadedhttp://www.securityfocus.com/bid/37653http://www.vupen.com/english/advisories/2010/0054https://bugzilla.redhat.com/show_bug.cgi?id=552285https://exchange.xforce.ibmcloud.com/vulnerabilities/55439https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00217.htmlhttps://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.htmlhttp://doc.powerdns.com/powerdns-advisory-2010-02.htmlhttp://secunia.com/advisories/38004http://secunia.com/advisories/38068http://securitytracker.com/id?1023404http://www.securityfocus.com/archive/1/508743/100/0/threadedhttp://www.securityfocus.com/bid/37653http://www.vupen.com/english/advisories/2010/0054https://bugzilla.redhat.com/show_bug.cgi?id=552285https://exchange.xforce.ibmcloud.com/vulnerabilities/55439https://www.redhat.com/archives/fedora-package-announce/2010-January/msg00217.htmlhttps://www.redhat.com/archives/fedora-package-announce/2010-January/msg00228.html
2010-01-08
Published