Vulnerability in Powerdns Authoritative

CVE-2015-5470

The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x before 3.4.5 allows remote attackers to cause a denial of service (CPU consumption or cra…

EPSS: 0.000 (0.5th percentile) — read the EPSS interpretation.

Affected products

Powerdns Authoritative — versions 3.4.0, 3.4.1, 3.4.2
Powerdns Recursor — versions 3.7.1, 3.7.2
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
[oss-security] 20150710 Re: Follow up: PowerDNS Security Advisory 2015-01 (mailing-list, x_refsource_MLIST)
[oss-security] 20150707 Follow up: PowerDNS Security Advisory 2015-01 (mailing-list, x_refsource_MLIST)