Summary
The remote host is missing an update to pdns
announced via advisory DSA 2385-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202385-1
Insight
Ray Morris discovered that the PowerDNS authoritative sever responds to response packets. An attacker who can spoof the source address of IP packets can cause an endless packet loop between a PowerDNS authoritative server and another DNS server, leading to a denial of service.
For the oldstable distribution (lenny), this problem has been fixed in version 2.9.21.2-1+lenny1.
For the stable distribution (squeeze), this problem has been fixed in version 2.9.22-8+squeeze1.
For the testing distribution (wheezy) and the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your pdns packages.
Severity
Classification
-
CVE CVE-2012-0206 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities