iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals. (CVE-2014-8602)
Impact
An attacker with a properly configured authority server could cause a denial-of-service using a crafted DNS recursive query, designed to follow an endless series of delegations.