Vulnerability Details CVE-2015-5230
The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via crafted query packets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.debian.org/security/2015/dsa-3347
- http://www.securitytracker.com/id/1033475
- https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/
- http://www.debian.org/security/2015/dsa-3347
- http://www.securitytracker.com/id/1033475
- https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/
Products affected by CVE-2015-5230
-
cpe:2.3:a:powerdns:authoritative:3.4.0
-
cpe:2.3:a:powerdns:authoritative:3.4.1
-
cpe:2.3:a:powerdns:authoritative:3.4.2
-
cpe:2.3:a:powerdns:authoritative:3.4.3
-
cpe:2.3:a:powerdns:authoritative:3.4.4
-
cpe:2.3:a:powerdns:authoritative:3.4.5
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:debian:debian_linux:9.0