Debian Security Advisory
DLA-104-1 pdns-recursor -- LTS security update
- Date Reported:
- 11 Dec 2014
- Affected Packages:
- pdns-recursor
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-8601.
- More information:
-
Florian Maury from ANSSI discovered a flaw in pdns-recursor, a recursive DNS server : a remote attacker controlling maliciously-constructed zones or a rogue server could affect the performance of pdns-recursor, thus leading to resource exhaustion and a potential denial-of-service.
For Debian 6
Squeeze
, these issues have been fixed in pdns-recursor version 3.2-4+deb6u1