Upstream information

CVE-2012-0206 at MITRE

Description

common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 740255 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.4
  • pdns >= 2.9.22-5.6.1
  • pdns-backend-ldap >= 2.9.22-5.6.1
  • pdns-backend-mysql >= 2.9.22-5.6.1
  • pdns-backend-postgresql >= 2.9.22-5.6.1
  • pdns-backend-sqlite2 >= 2.9.22-5.6.1
  • pdns-backend-sqlite3 >= 2.9.22-5.6.1
openSUSE 11.4
  • pdns >= 2.9.22-5.6.1
  • pdns-backend-ldap >= 2.9.22-5.6.1
  • pdns-backend-ldap-debuginfo >= 2.9.22-5.6.1
  • pdns-backend-mysql >= 2.9.22-5.6.1
  • pdns-backend-mysql-debuginfo >= 2.9.22-5.6.1
  • pdns-backend-postgresql >= 2.9.22-5.6.1
  • pdns-backend-postgresql-debuginfo >= 2.9.22-5.6.1
  • pdns-backend-sqlite2 >= 2.9.22-5.6.1
  • pdns-backend-sqlite2-debuginfo >= 2.9.22-5.6.1
  • pdns-backend-sqlite3 >= 2.9.22-5.6.1
  • pdns-backend-sqlite3-debuginfo >= 2.9.22-5.6.1
  • pdns-debuginfo >= 2.9.22-5.6.1
  • pdns-debugsource >= 2.9.22-5.6.1
Patchnames:
pdns
openSUSE Tumbleweed
  • pdns >= 4.0.1-1.2
  • pdns-backend-geoip >= 4.0.1-1.2
  • pdns-backend-godbc >= 4.0.1-1.2
  • pdns-backend-ldap >= 4.0.1-1.2
  • pdns-backend-lua >= 4.0.1-1.2
  • pdns-backend-mydns >= 4.0.1-1.2
  • pdns-backend-mysql >= 4.0.1-1.2
  • pdns-backend-postgresql >= 4.0.1-1.2
  • pdns-backend-remote >= 4.0.1-1.2
  • pdns-backend-sqlite3 >= 4.0.1-1.2
Patchnames:
openSUSE Tumbleweed GA pdns