Launchpad CVE tracker

CVE 2014-8601

PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it.

Related bugs and status

CVE-2014-8601 (Candidate) is related to these bugs:

Bug #1401248: PowerDNS Security Advisory 2014-02: PowerDNS Recursor can be made to provide bad service

Summary				In	Importance	Status
	1401248	PowerDNS Security Advisory 2014-02: PowerDNS Recursor can be made to provide bad service		pdns-recursor (Ubuntu)	Undecided	Expired

Bug #1656931: Security update for pdns-recursor on trusty

Summary				In	Importance	Status
	1656931	Security update for pdns-recursor on trusty		pdns-recursor (Ubuntu)	Undecided	Invalid
	1656931	Security update for pdns-recursor on trusty		pdns-recursor (Ubuntu Trusty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://cert.ssi.gouv.f...
CONFIRM: http://doc.powerdns.co...
CERT-VN: VU#264212
BID: 71545
SECTRACK: 1031310
DEBIAN: DSA-3096

Launchpad.net

CVE 2014-8601

Related bugs and status

Related bugs

References