7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.045 Low
EPSS
Percentile
92.5%
In MGASA-2015-0189, the pdns and pdns-recursor packages were updated to fix a denial of service issue (CVE-2015-1868). The fix was incomplete. The packages have been updated again to versions 3.3.3 and 3.6.4, respectively, to completely fix this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | pdns | < 3.3.3-1 | pdns-3.3.3-1.mga4 |
Mageia | 4 | noarch | pdns-recursor | < 3.6.4-1 | pdns-recursor-3.6.4-1.mga4 |
Mageia | 5 | noarch | pdns | < 3.3.3-1 | pdns-3.3.3-1.mga5 |
Mageia | 5 | noarch | pdns-recursor | < 3.6.4-1 | pdns-recursor-3.6.4-1.mga5 |
advisories.mageia.org/MGASA-2015-0189.html
blog.powerdns.com/2015/06/09/authoritative-server-3-4-5-3-3-3-and-recursor-3-7-3-3-6-4-released/
doc.powerdns.com/md/security/powerdns-advisory-2015-01/
lists.opensuse.org/opensuse-updates/2015-07/msg00049.html
openwall.com/lists/oss-security/2015/07/10/8
bugs.mageia.org/show_bug.cgi?id=16320