Lucene search
HistoryDec 10, 2014 - 3:59 p.m.
CVE-2014-8601
powerdns
recursor
cve-2014-8601
denial of service
ezdns.it
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.123 Low
EPSS
Percentile
95.3%
PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service (“performance degradations”) via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian:debian_linux | debian debian linux | eq | 7.0 |
| powerdns:recursor | powerdns recursor | le | 3.6.1 |
Related
openvas
openvas
Debian Security Advisory DSA 3096-1 (pdns-recursor - security update)
2014-12-11 00:00:00
PowerDNS Security Advisory 2014-02: PowerDNS Recursor 3.6.1 and earlier can be made to provide bad service
2018-09-12 00:00:00
Debian Security Advisory DSA 3096-1 (pdns-recursor - security update)
2014-12-11 00:00:00
mageia
mageia
Updated pdns-recursor packages fix CVE-2014-8601
2014-12-10 23:09:57
securityvulns
securityvulns
[oss-security] PowerDNS Security Advisory 2014-02
2014-12-11 00:00:00
PowerDNS Recursor DoS
2014-12-11 00:00:00
[SECURITY] [DSA 3096-1] pdns-recursor security update
2014-12-11 00:00:00
nessus
nessus
Debian DLA-104-1 : pdns-recursor security update
2015-03-26 00:00:00
openSUSE Security Update : pdns-recursor (openSUSE-SU-2014:1685-1)
2014-12-23 00:00:00
PowerDNS Recursor 3.x < 3.6.2 Recursive Referral Handling DoS
2016-01-15 00:00:00
debiancve
debiancve
CVE-2014-8601
2014-12-10 15:59:00
ubuntucve
ubuntucve
CVE-2014-8601
2014-12-10 00:00:00
archlinux
archlinux
powerdns-recursor: denial of service
2014-12-09 00:00:00
debian
debian
[SECURITY] [DSA 3096-1] pdns-recursor security update
2014-12-11 09:19:40
[SECURITY] [DSA 3096-1] pdns-recursor security update
2014-12-11 09:19:40
[SECURITY] [DLA 104-1] pdns-recursor security update
2014-12-11 21:22:39
osv
osv
pdns-recursor - security update
2014-12-11 00:00:00
prion
prion
Design/Logic Flaw
2014-12-10 15:59:00
f5
f5
K16866 : PowerDNS vulnerabilities CVE-2014-8601 and CVE-2015-1868
2015-07-02 00:00:00
SOL16866 - PowerDNS vulnerabilities CVE-2014-8601 and CVE-2015-1868
2015-07-02 00:00:00
cert
cert
Recursive DNS resolver implementations may follow referrals infinitely
2014-12-09 00:00:00
gentoo
gentoo
PowerDNS Recursor: Multiple vulnerabilities
2014-12-22 00:00:00
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.123 Low
EPSS
Percentile
95.3%
Related for CVE-2014-8601