p5-Net-DNS -- multiple Vulnerabilities

ID D2B8A963-3D59-11DC-B3D3-0016179B2DD5
Type freebsd
Reporter FreeBSD
Modified 2007-06-27T00:00:00


A Secunia Advisory reports:

An error exists in the handling of DNS queries where IDs are incremented with a fixed value and are additionally used for child processes in a forking server. This can be exploited to poison the DNS cache of an application using the module if a valid ID is guessed. An error in the PP implementation within the "dn_expand()" function can be exploited to cause a stack overflow due to an endless loop via a specially crafted DNS packet.