Vulnerabilities > CVE-2015-5470 - Resource Management Errors vulnerability in Powerdns Authoritative

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x before 3.4.5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a long name that refers to itself. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1868.

Vulnerable Configurations

Part Description Count
Application
Powerdns
76

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_64E6006EF00911E498C6000C292EE6B8.NASL
    descriptionThe PowerDNS project reports : A bug was discovered in our label decompression code, making it possible for names to refer to themselves, thus causing a loop during decompression. On some platforms, this bug can be abused to cause crashes. On all platforms, this bug can be abused to cause service-affecting CPU spikes.
    last seen2020-06-01
    modified2020-06-02
    plugin id83229
    published2015-05-04
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83229
    titleFreeBSD : powerdns -- Label decompression bug can cause crashes or CPU spikes (64e6006e-f009-11e4-98c6-000c292ee6b8)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3306.NASL
    descriptionToshifumi Sakaguchi discovered that the patch applied to pdns, an authoritative DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service (service-affecting CPU spikes and in some cases a crash).
    last seen2020-06-01
    modified2020-06-02
    plugin id84649
    published2015-07-13
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84649
    titleDebian DSA-3306-1 : pdns - security update
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3307.NASL
    descriptionToshifumi Sakaguchi discovered that the patch applied to pdns-recursor, a recursive DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service (service-affecting CPU spikes and in some cases a crash).
    last seen2020-06-01
    modified2020-06-02
    plugin id84650
    published2015-07-13
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84650
    titleDebian DSA-3307-1 : pdns-recursor - security update
  • NASL familyDNS
    NASL idPOWERDNS_RECURSOR_3_7_3.NASL
    descriptionAccording to its self-reported version number, the version of the PowerDNS Recursor listening on the remote host is version 3.x prior to 3.7.3. It is, therefore, affected by a denial of service vulnerability due to improper validation of user-supplied input when handling self-referential names during label decompression. An unauthenticated, remote attacker can exploit this vulnerability, via crafted query packets, to crash the server. Note that Nessus has not attempted to exploit this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id87952
    published2016-01-15
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87952
    titlePowerDNS Recursor 3.x < 3.7.3 Label Decompression DoS
  • NASL familyDNS
    NASL idPOWERDNS_AUTHORITATIVE_3_4_5.NASL
    descriptionAccording to its self-reported version number, the version of the PowerDNS Authoritative Server listening on the remote host is version 3.x prior to 3.4.5. It is, therefore, affected by a denial of service vulnerability due to improper validation of user-supplied input when handling self-referential names during label decompression. An unauthenticated, remote attacker can exploit this, via specially crafted query packets, to crash the server. Note that Nessus has not attempted to exploit this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id87946
    published2016-01-15
    reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/87946
    titlePowerDNS Authoritative Server 3.x < 3.4.5 Label Decompression Self-Referential Name Handling DoS
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-505.NASL
    descriptionpdns, pdns-recursor were updated to fix two security issues. These security issues were fixed : - CVE-2015-1868: The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allowed remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself (bsc#927569). - CVE-2015-5470: Complete fix for CVE-2015-1868 (bsc#927569).
    last seen2020-06-05
    modified2015-07-27
    plugin id84996
    published2015-07-27
    reporterThis script is Copyright (C) 2015-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/84996
    titleopenSUSE Security Update : pdns / pdns-recursor (openSUSE-2015-505)