CVE-2015-1868
Published May 18, 2015
Last updated 8 years ago
Overview
- Description
- The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:powerdns:authoritative:3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5604347-1CAB-4BF7-A173-836B6EB16783"
},
{
"criteria": "cpe:2.3:a:powerdns:authoritative:3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3370E07-8781-40EF-B265-2A3723E41F78"
},
{
"criteria": "cpe:2.3:a:powerdns:authoritative:3.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEC5141A-8472-4A36-8A6D-124EDFE0941A"
},
{
"criteria": "cpe:2.3:a:powerdns:authoritative:3.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AF8596A-D92F-4FEB-8B63-D6FDAD608792"
},
{
"criteria": "cpe:2.3:a:powerdns:authoritative:3.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04A975C2-F387-4815-BDD7-F712AFFE1CE3"
},
{
"criteria": "cpe:2.3:a:powerdns:authoritative:3.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "91211D89-B43C-4D26-8ADE-90EEAFA44603"
},
{
"criteria": "cpe:2.3:a:powerdns:authoritative:3.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CA372BE-95F8-48BA-A1AF-D9FEDF01AC18"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171"
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:powerdns:recursor:3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3B8B634-42DC-4552-AAFB-D6849CB459C5"
},
{
"criteria": "cpe:2.3:a:powerdns:recursor:3.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1CF2AEB-1D4D-4F80-BBFE-071942C6C9AA"
},
{
"criteria": "cpe:2.3:a:powerdns:recursor:3.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0F59252-BF7E-4C15-A8EE-F96DCDABB2FB"
},
{
"criteria": "cpe:2.3:a:powerdns:recursor:3.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABCDEABD-572D-42BD-8A2B-1E97FFF17B3F"
},
{
"criteria": "cpe:2.3:a:powerdns:recursor:3.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A3DFC6B-B0C3-499C-9AE6-8974A2681974"
},
{
"criteria": "cpe:2.3:a:powerdns:recursor:3.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B325D31-8746-4811-B3AD-3CC1F02D0E18"
},
{
"criteria": "cpe:2.3:a:powerdns:recursor:3.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70D0E4BB-34A1-4E94-A58B-25DD7C984815"
},
{
"criteria": "cpe:2.3:a:powerdns:recursor:3.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BC3F136-8B89-48DE-81A6-2D3FA9BE6A0C"
},
{
"criteria": "cpe:2.3:a:powerdns:recursor:3.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79723D52-8A9E-42B5-AF68-4DBF4758783E"
}
],
"operator": "OR"
}
]
}
]