Vulnerability in Powerdns Recursor
CVE-2014-8601
PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains ho…
EPSS: 0.735 (99.4th percentile) — read the EPSS interpretation.
Affected products
- Powerdns Recursor
- Debian Debian_linux — versions 7.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Third Party Advisory)
- DSA-3096 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
- 1031310 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (Third Party Advisory, x_refsource_MISC)
- 71545 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
- VU#264212 (x_refsource_CERT-VN, US Government Resource, Third Party Advisory, third-party-advisory)