Gentoo Security Advisory GLSA 201412-33

Gentoo Linux Local Security Checks GLSA 201412-33 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Updated pdns package fixes security vulnerability

In MGASA-2015-0189, the pdns and pdns-recursor packages were updated to fix a denial of service issue CVE-2015-1868. The fix was incomplete. The packages have been updated again to versions 3.3.3 and 3.6.4, respectively, to completely fix this issue...

openSUSE Security Update : pdns / pdns-recursor (openSUSE-2015-505)

pdns, pdns-recursor were updated to fix two security issues. These security issues were fixed : - CVE-2015-1868: The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative Auth Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before...

Debian DSA-3307-1 : pdns-recursor - security update

Toshifumi Sakaguchi discovered that the patch applied to pdns-recursor, a recursive DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service service-affecting CPU spikes and in some cases a crash. %NASLMINLEVEL 70300 C Tenable Networ...

pdns recursor DoS

CPU exhaustion and crash on processing name that refers to itself...

[SECURITY] [DSA 3307-1] pdns-recursor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3307-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini July 09, 2015 https://www.debian.org/security/faq -...

Debian Security Advisory DSA 3307-1 (pdns-recursor - security update)

Toshifumi Sakaguchi discovered that the patch applied to pdns-recursor, a recursive DNS server, fixing CVE-2015-1868 , was insufficient in some cases, allowing remote attackers to cause a denial of service service-affecting CPU spikes and in some cases a crash. OpenVAS Vulnerability Test $Id:...

DSA-3307-1 pdns-recursor - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3307-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for pdns-recursor FEDORA-2015-7033

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SOL16866 - PowerDNS vulnerabilities CVE-2014-8601 and CVE-2015-1868

CVE-2014-8601 PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service "performance degradations" via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it. Â CVE-2015-1868 The label...

CVE-2015-1868

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative Auth Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service CPU consumption or crash via a request with a name that...

DEBIAN-CVE-2015-1868

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative Auth Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service CPU consumption or crash via a request with a name that...

UBUNTU-CVE-2015-1868

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative Auth Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service CPU consumption or crash via a request with a name that...

Design/Logic Flaw

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative Auth Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service CPU consumption or crash via a request with a name that...

CVE-2015-1868

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative Auth Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service CPU consumption or crash via a request with a name that...

CVE-2015-1868

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative Auth Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service CPU consumption or crash via a request with a name that...

CVE-2015-1868

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative Auth Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service CPU consumption or crash via a request with a name that...

CVE-2015-1868

CVE-2015-1868 concerns PowerDNS components (Recursor and Authoritative Server) where the vulnerability arises from the label decompression logic. A request whose domain name refers to itself can trigger excessive CPU usage or crash the server, enabling a remote DoS. Affected: PowerDNS Recursor 3....

MGASA-2015-0189 Updated pdns & pdns-recursor packages fix CVE-2015-1868

Updated pdns and pdns-recursor packages fix security vulnerability: A bug was discovered in the label decompression code in PowerDNS and PowerDNS Recursor, making it possible for names to refer to themselves, thus causing a loop during decompression. On some platforms, this bug can be abused to...