Lucene search
F5F5:K16866HistoryJul 02, 2015 - 12:00 a.m.
K16866 : PowerDNS vulnerabilities CVE-2014-8601 and CVE-2015-1868
2015-07-0200:00:00
my.f5.com
22
Security Advisory Description
PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service (“performance degradations”) via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.
The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
f5
f5
SOL16866 - PowerDNS vulnerabilities CVE-2014-8601 and CVE-2015-1868
2015-07-02 00:00:00
openvas
openvas
Debian Security Advisory DSA 3096-1 (pdns-recursor - security update)
2014-12-11 00:00:00
Mageia: Security Advisory (MGASA-2014-0522)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-104-1)
2023-03-08 00:00:00
mageia
mageia
Updated pdns-recursor packages fix CVE-2014-8601
2014-12-10 23:09:57
Updated pdns & pdns-recursor packages fix CVE-2015-1868
2015-05-05 16:36:50
Updated pdns package fixes security vulnerability
2015-08-03 23:55:18
securityvulns
securityvulns
[oss-security] PowerDNS Security Advisory 2014-02
2014-12-11 00:00:00
PowerDNS Recursor DoS
2014-12-11 00:00:00
[SECURITY] [DSA 3096-1] pdns-recursor security update
2014-12-11 00:00:00
debiancve
debiancve
nessus
nessus
Debian DLA-104-1 : pdns-recursor security update
2015-03-26 00:00:00
openSUSE Security Update : pdns-recursor (openSUSE-SU-2014:1685-1)
2014-12-23 00:00:00
Debian DSA-3096-1 : pdns-recursor - security update
2014-12-15 00:00:00
ubuntucve
ubuntucve
cvelist
cvelist
cve
cve
archlinux
archlinux
powerdns-recursor: denial of service
2014-12-09 00:00:00
powerdns: denial of service
2015-04-24 00:00:00
powerdns-recursor: denial of service
2015-04-24 00:00:00
debian
debian
[SECURITY] [DSA 3096-1] pdns-recursor security update
2014-12-11 09:19:40
[SECURITY] [DSA 3096-1] pdns-recursor security update
2014-12-11 09:19:40
[SECURITY] [DLA 104-1] pdns-recursor security update
2014-12-11 21:22:39
nvd
nvd
osv
osv
pdns-recursor - security update
2014-12-11 00:00:00
pdns - security update
2015-07-09 00:00:00
pdns-recursor - security update
2015-07-09 00:00:00
prion
prion
Design/Logic Flaw
2014-12-10 15:59:00
Design/Logic Flaw
2015-05-18 15:59:00
Design/Logic Flaw
2015-11-02 19:59:00
fedora
fedora
[SECURITY] Fedora 22 Update: pdns-recursor-3.7.2-1.fc22
2015-04-30 11:40:20
[SECURITY] Fedora 21 Update: pdns-3.4.4-1.fc21
2015-04-30 11:43:41
[SECURITY] Fedora 22 Update: pdns-3.4.4-1.fc22
2015-04-30 11:48:21
checkpoint_advisories
checkpoint_advisories
PowerDNS Nameserver Label Decompression Denial of Service (CVE-2015-1868)
2015-06-04 00:00:00
freebsd
freebsd
powerdns -- Label decompression bug can cause crashes or CPU spikes
2015-04-23 00:00:00
cert
cert
Recursive DNS resolver implementations may follow referrals infinitely
2014-12-09 00:00:00
gentoo
gentoo
PowerDNS Recursor: Multiple vulnerabilities
2014-12-22 00:00:00