An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a denial of service.
References
Link | Resource |
---|---|
http://seclists.org/oss-sec/2017/q4/382 | Mailing List Patch Third Party Advisory |
http://www.securityfocus.com/bid/106335 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15120 | Issue Tracking Third Party Advisory |
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-08.html | Patch Vendor Advisory |
https://www.debian.org/security/2017/dsa-4063 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2018-07-27T15:00:00
Updated: 2018-12-28T10:57:01
Reserved: 2017-10-08T00:00:00
Link: CVE-2017-15120
JSON object: View
NVD Information
Status : Modified
Published: 2018-07-27T15:29:00.343
Modified: 2019-10-09T23:24:14.577
Link: CVE-2017-15120
JSON object: View
Redhat Information
No data.
CWE