Lucene search

K
debianDebianDEBIAN:DLA-104-1:49028
HistoryDec 11, 2014 - 9:22 p.m.

[SECURITY] [DLA 104-1] pdns-recursor security update

2014-12-1121:22:39
lists.debian.org
20

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.094

Percentile

94.8%

Package : pdns-recursor
Version : 3.2-4+deb6u1
CVE ID : CVE-2014-8601

Florian Maury from ANSSI discovered a flaw in pdns-recursor, a
recursive DNS server : a remote attacker controlling
maliciously-constructed zones or a rogue server could affect the
performance of pdns-recursor, thus leading to resource exhaustion and
a potential denial-of-service.

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

Low

EPSS

0.094

Percentile

94.8%