PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a denial of service (resource exhaustion and application crash) via a CNAME record with a zero TTL, which triggers an infinite loop.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Recursor | Powerdns | * | 3.1.3 (including) |
Recursor | Powerdns | 2.0_rc1 (including) | 2.0_rc1 (including) |
Recursor | Powerdns | 2.8 (including) | 2.8 (including) |
Recursor | Powerdns | 2.9.15 (including) | 2.9.15 (including) |
Recursor | Powerdns | 2.9.16 (including) | 2.9.16 (including) |
Recursor | Powerdns | 2.9.17 (including) | 2.9.17 (including) |
Recursor | Powerdns | 2.9.18 (including) | 2.9.18 (including) |
Recursor | Powerdns | 3.0 (including) | 3.0 (including) |
Recursor | Powerdns | 3.0.1 (including) | 3.0.1 (including) |
Recursor | Powerdns | 3.1 (including) | 3.1 (including) |
Recursor | Powerdns | 3.1.1 (including) | 3.1.1 (including) |
Recursor | Powerdns | 3.1.2 (including) | 3.1.2 (including) |