DNS: PowerDNS Nameserver Label Decompression DOS

This signature detects attempts to exploit a known vulnerability in the PowerDNS. A successful attack can lead to denial of service.

Extended Description

The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.

Affected Products

Powerdns recursor

References

CVE: CVE-2015-1868

Short Name
DNS:POWERDNS-NAMSRVR-DOS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
DNS
Keywords
CVE-2015-1868 DOS Decompression Label Nameserver PowerDNS
Release Date
06/15/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Powerdns

Fedoraproject

CVSS Score

7.8

Found a potential security threat?