CVE-2006-4251

Description

Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length.

How to fix CVE-2006-4251

To remediate CVE-2006-4251, upgrade the affected package to a fixed version below.

• Debian/pdns—upgrade to 2.9.20-4 or later
• Debian/pdns—upgrade to 2.9.17-13sarge3 or later
• Debian/pdns—upgrade to 2.9.17-13sarge3 or later
• —upgrade to 3.1.4-1 or later

Is CVE-2006-4251 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (4)

• from 0, < 2.9.20-4
• from 0, < 2.9.17-13sarge3
• from 0, < 2.9.17-13sarge3
• from 0, < 3.1.4-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2006-4251