Описание
An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| pdns-recursor | fixed | 5.0.9-1 | package | |
| pdns-recursor | end-of-life | bullseye | package |
Примечания
https://www.openwall.com/lists/oss-security/2024/10/03/3
https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-04.html
https://github.com/PowerDNS/pdns/commit/4775860c55ede7717e6e5702a90632cae5efd28e (rec-4.9.9)
https://github.com/PowerDNS/pdns/commit/60aee317a54aa80cec6c4574d40b3632cf6c0546 (rec-5.3.0-alpha0)
EPSS
Связанные уязвимости
An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.
An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.
An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.
Уязвимость DNS-сервера PowerDNS Recursor, связанная с недостаточной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании
EPSS