CVE Vulnerabilities

CVE-2015-1868

Published: May 18, 2015 | Modified: Dec 28, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.

Affected Software

Name Vendor Start Version End Version
Authoritative Powerdns 3.4.1 3.4.1
Authoritative Powerdns 3.3.1 3.3.1
Authoritative Powerdns 3.3 3.3
Authoritative Powerdns 3.2 3.2
Authoritative Powerdns 3.4.0 3.4.0
Authoritative Powerdns 3.4.3 3.4.3
Authoritative Powerdns 3.3.2 3.3.2

References