PT-2018-5772 · Powerdns · Powerdns Recursor
Toshifumi Sakaguchi
·
Publicado
2017-12-11
·
Atualizado
2019-10-09
·
CVE-2017-15120
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
PowerDNS Recursor versions prior to 4.0.8
Description:
The issue is related to the parsing of authoritative answers, which can lead to a denial of service when an unauthenticated remote attacker sends a specially crafted answer containing a CNAME of a different class than IN. This results in a NULL pointer dereference.
Recommendations:
For versions prior to 4.0.8, update to version 4.0.8 or later to resolve the issue.
Correção
DoS
NULL Pointer Dereference
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Powerdns Recursor