CVE-2008-3337

PowerDNS Authoritative Server <2.9.21.1 - Info Disclosure

Title source: llm
STIX 2.1

Description

PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.

References (16)

Core 16
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31401
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30587
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31687
Various Sources x_refsource_confirm
http://doc.powerdns.com/changelog.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31448
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2008/dsa-1628
Various Sources x_refsource_confirm
http://doc.powerdns.com/powerdns-advisory-2008-02.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33264
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44253
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200812-19.xml
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31407
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2320

Scores

EPSS 0.0612
EPSS Percentile 92.6%

Details

CWE
CWE-20
Status published
Products (2)
powerdns/authoritative_server < 2.9.21
powerdns/powerdns
Published Aug 08, 2008
Tracked Since Feb 18, 2026