SOL16866 - PowerDNS vulnerabilities CVE-2014-8601 and CVE-2015-1868

2015-07-02T00:00:00
ID SOL16866
Type f5
Reporter f5
Modified 2015-12-03T00:00:00

Description

PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.
 * CVE-2015-1868

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.