Candidate: CVE-2017-15120
PublicDate: 2018-07-27 15:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15120
 https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-08.html
Description:
 An issue has been found in the parsing of authoritative answers in PowerDNS
 Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a
 specially crafted answer containing a CNAME of a different class than IN.
 An unauthenticated remote attacker could cause a denial of service.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_pdns-recursor:
upstream_pdns-recursor: released (4.1.0-1)
precise/esm_pdns-recursor: DNE
trusty_pdns-recursor: not-affected (code not present)
trusty/esm_pdns-recursor: DNE (trusty was not-affected [code not present])
xenial_pdns-recursor: ignored (end of standard support, was needed)
zesty_pdns-recursor: ignored (reached end-of-life)
artful_pdns-recursor: ignored (reached end-of-life)
bionic_pdns-recursor: not-affected (4.1.1-2)
cosmic_pdns-recursor: not-affected (4.1.1-2)
disco_pdns-recursor: not-affected (4.1.1-2)
eoan_pdns-recursor: not-affected (4.1.1-2)
focal_pdns-recursor: not-affected (4.1.1-2)
groovy_pdns-recursor: not-affected (4.1.1-2)
hirsute_pdns-recursor: not-affected (4.1.1-2)
impish_pdns-recursor: not-affected (4.1.1-2)
jammy_pdns-recursor: not-affected (4.1.1-2)
devel_pdns-recursor: not-affected (4.1.1-2)