CVE-2015-1868
published 2015-05-18CVE-2015-1868: The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x…
high7.8CVSS 3.1
AVNACLAuNCNINAC
The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pdns | < pdns 3.4.4-1 (bookworm) | pdns 3.4.4-1 (bookworm) |
| debian | pdns | < pdns 3.4.5-1 (bookworm) | pdns 3.4.5-1 (bookworm) |
| debian | pdns-recursor | < pdns 3.4.4-1 (bookworm) | pdns 3.4.4-1 (bookworm) |
| debian | pdns-recursor | < pdns 3.4.5-1 (bookworm) | pdns 3.4.5-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| open-xchange | pdns | >= 0 < 3.4.5-1 | 3.4.5-1 |
| open-xchange | pdns | >= 0 < 3.4.4-1 | 3.4.4-1 |
| open-xchange | pdns | >= 0 < 3.4.5-1 | 3.4.5-1 |
| open-xchange | pdns | >= 0 < 3.4.4-1 | 3.4.4-1 |
| open-xchange | pdns | >= 0 < 3.4.5-1 | 3.4.5-1 |
| open-xchange | pdns | >= 0 < 3.4.4-1 | 3.4.4-1 |
| open-xchange | pdns | >= 0 < 3.4.5-1 | 3.4.5-1 |
| open-xchange | pdns | >= 0 < 3.4.4-1 | 3.4.4-1 |
| powerdns | authoritative | <= 3.3.2 | — |
| powerdns | authoritative | — | — |
| powerdns | authoritative | — | — |
| powerdns | authoritative | — | — |
| powerdns | authoritative | — | — |
| powerdns | authoritative | — | — |
| powerdns | authoritative | — | — |
| powerdns | authoritative | — | — |
| powerdns | authoritative | — | — |
| powerdns | authoritative | — | — |
CVSS provenance
nvd7.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
osv7.8HIGH