CVE-2017-14339

Sažetak

The DNS packet parser in YADIFA before 2.2.6 does not check for the presence of infinite pointer loops, and thus it is possible to force it to enter an infinite loop. This can cause high CPU usage and makes the server unresponsive.

Reference

http://www.debian.org/security/2017/dsa-4001
https://github.com/yadifa/yadifa/blob/v2.2.6/ChangeLog
https://www.tarlogic.com/blog/fuzzing-yadifa-dns/

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

03-10-2019 - 00:03

Objavljeno

20-09-2017 - 16:29