2018-07-27 17:29:00 2019-10-10 01:24:14

An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a denial of service.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
Powerdns Recursor 4.0.7 (not an official CPE) Powerdns Recursor 4.0.6 (not an official CPE) Powerdns Recursor 4.0.5 (not an official CPE) Powerdns Recursor 4.0.4 (not an official CPE) Powerdns Recursor 4.0.2 (not an official CPE) Powerdns Recursor 4.0.3 (not an official CPE) Powerdns Recursor 4.0.1 (not an official CPE) Powerdns Recursor 4.0.0 Alpha1 (not an official CPE) Powerdns Recursor 3.7.4 (not an official CPE) Powerdns Recursor 4.0.0 (not an official CPE) Powerdns Recursor 3.7.3 (not an official CPE) Powerdns Recursor 3.7.2 (not an official CPE) PowerDNS Recursor 3.7.1 Powerdns Recursor 3.7.0 (not an official CPE) Powerdns Recursor 3.6.4 (not an official CPE) PowerDNS Recursor 3.6.3 PowerDNS Recursor 3.6.2 PowerDNS Recursor 3.6.1 PowerDNS Recursor 3.6.0 PowerDNS Recursor 3.5.3 PowerDNS Recursor 3.5.2 PowerDNS Recursor 3.5.1 PowerDNS Recursor 3.5 Powerdns Recursor 3.3 (not an official CPE) Powerdns Recursor 3.3.1 (not an official CPE) Powerdns Recursor 3.2 (not an official CPE) Powerdns Recursor 3.1.7.2 (not an official CPE) Powerdns Recursor 3.1.7.1 (not an official CPE) Powerdns Recursor 3.1.7 (not an official CPE) Powerdns Recursor 3.1.6 (not an official CPE) Powerdns Recursor 3.1.5 (not an official CPE) Powerdns Recursor 3.1.4 (not an official CPE) Powerdns Recursor 3.1.3 (not an official CPE) Powerdns Recursor 3.1.2 (not an official CPE) Powerdns Recursor 3.1.1 (not an official CPE) Powerdns Recursor 3.0.1 (not an official CPE) Powerdns Recursor 3.0 (not an official CPE)