Vulnerability Details : CVE-2014-3614
Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2014-3614
Probability of exploitation activity in the next 30 days: 0.33%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 67 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-3614
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2014-3614
-
http://doc.powerdns.com/html/changelog.html
Changelogs
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/95947
PowerDNS Recursor packets denial of service CVE-2014-3614 Vulnerability Report
-
http://blog.powerdns.com/2014/09/10/security-update-powerdns-recursor-3-6-1
Security Update: PowerDNS Recursor 3.6.1 | PowerDNS BlogPatch;Vendor Advisory
-
http://seclists.org/oss-sec/2014/q3/589
oss-sec: PowerDNS Recursor 3.6.0 can be crashed remotely (CVE-2014-3614)Patch
Products affected by CVE-2014-3614
- cpe:2.3:a:powerdns:powerdns_recursor:3.6.0:*:*:*:*:*:*:*