Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2302

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-2302
Last Modified 05 Sep 2008 04:51:25
Published 19 Jul 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2302

Summary

PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion.

Vulnerable Systems

Application

  • Powerdns 2.9.0

  • Powerdns 2.9.1

  • Powerdns 2.9.10

  • Powerdns 2.9.11

  • Powerdns 2.9.12

  • Powerdns 2.9.13

  • Powerdns 2.9.14

  • Powerdns 2.9.15

  • Powerdns 2.9.16

  • Powerdns 2.9.17

  • Powerdns 2.9.2

  • Powerdns 2.9.3a

  • Powerdns 2.9.4

  • Powerdns 2.9.5

  • Powerdns 2.9.6

  • Powerdns 2.9.7

  • Powerdns 2.9.8


References

BUGTRAQ - 20050716 PowerDNS 2.9.18 fixes two security issues affecting users of LDAP

CONFIRM - http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18

SUSE - SUSE-SR:2005:019

SECTRACK - 1014504


Last Updated: 27 May 2016 10:40:28