ALT-PU-2014-2469-1
Closed vulnerabilities
Published: 2014-12-11
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-8602
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.
Severity: MEDIUM (4.3)
References:
- http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html
- http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html
- http://unbound.net/downloads/patch_cve_2014_8602.diff
- http://unbound.net/downloads/patch_cve_2014_8602.diff
- DSA-3097
- DSA-3097
- VU#264212
- VU#264212
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- 71589
- 71589
- USN-2484-1
- USN-2484-1
- https://unbound.net/downloads/CVE-2014-8602.txt
- https://unbound.net/downloads/CVE-2014-8602.txt