CVE-2006-4252

PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a denial of service (resource exhaustion and application crash) via a CNAME record with a zero TTL, which triggers an infinite loop.

Affected Software

Name	Vendor	Start Version	End Version
Recursor	Powerdns	*	3.1.3 (including)
Recursor	Powerdns	2.0_rc1 (including)	2.0_rc1 (including)
Recursor	Powerdns	2.8 (including)	2.8 (including)
Recursor	Powerdns	2.9.15 (including)	2.9.15 (including)
Recursor	Powerdns	2.9.16 (including)	2.9.16 (including)
Recursor	Powerdns	2.9.17 (including)	2.9.17 (including)
Recursor	Powerdns	2.9.18 (including)	2.9.18 (including)
Recursor	Powerdns	3.0 (including)	3.0 (including)
Recursor	Powerdns	3.0.1 (including)	3.0.1 (including)
Recursor	Powerdns	3.1 (including)	3.1 (including)
Recursor	Powerdns	3.1.1 (including)	3.1.1 (including)
Recursor	Powerdns	3.1.2 (including)	3.1.2 (including)
Pdns	Ubuntu	dapper	*
Pdns-recursor	Ubuntu	devel	*
Pdns-recursor	Ubuntu	edgy	*
Pdns-recursor	Ubuntu	feisty	*
Pdns-recursor	Ubuntu	gutsy	*
Pdns-recursor	Ubuntu	hardy	*
Pdns-recursor	Ubuntu	intrepid	*
Pdns-recursor	Ubuntu	jaunty	*
Pdns-recursor	Ubuntu	karmic	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-4252
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References