Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.MARADNS_0_9_01.NASL
HistoryApr 11, 2014 - 12:00 a.m.

MaraDNS 0.5.x < 0.5.31 / 0.9.x < 0.9.01 Compression Code Remote DoS

2014-04-1100:00:00
This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
www.tenable.com
5

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.8%

JSON

According to its self-reported version number, the MaraDNS server running on the remote host is affected by a memory leak issue due to the compression code. This issue could allow a remote attacker to cause a remote denial of service by sending a specially crafted DNS packet.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(73474);
  script_version("1.4");
  script_cvs_date("Date: 2018/11/15 20:50:21");

  script_cve_id("CVE-2002-2097");
  script_bugtraq_id(3852);

  script_name(english:"MaraDNS 0.5.x < 0.5.31 / 0.9.x < 0.9.01 Compression Code Remote DoS");
  script_summary(english:"Checks version of MaraDNS server");

  script_set_attribute(attribute:"synopsis", value:
"The DNS server running on the remote host is affected by a denial of
service vulnerability.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the MaraDNS server
running on the remote host is affected by a memory leak issue due to
the compression code. This issue could allow a remote attacker to
cause a remote denial of service by sending a specially crafted DNS
packet.");
  script_set_attribute(attribute:"see_also", value:"http://maradns.samiam.org/security.html");
  script_set_attribute(attribute:"see_also", value:"https://marc.info/?l=maradns-list&m=101173460805872");
  script_set_attribute(attribute:"see_also", value:"http://maradns.samiam.org/changelog-2001-2005.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to MaraDNS version 0.9.01 or later or apply the relevant
patch.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2002/01/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2002/01/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/11");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:maradns:maradns");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"DNS");

  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");

  script_dependencies("maradns_version.nasl");
  script_require_keys("maradns/version", "maradns/num_ver", "Settings/ParanoidReport");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

version = get_kb_item_or_exit("maradns/version");
num_ver = get_kb_item_or_exit("maradns/num_ver");

if (report_paranoia < 2) audit(AUDIT_PARANOID);

port = 53;
fix = NULL;

# 0.5.x < 0.5.31
if (version =~ "^0\.5\." && ver_compare(ver:num_ver, fix:"0.5.31", strict:FALSE) == -1)
  fix = "0.5.31";

# 0.9.x < 0.9.01
else if (version =~ "^0\.9\." && ver_compare(ver:num_ver, fix:"0.9.01", strict:FALSE) == -1)
  fix = "0.9.01";

else
  audit(AUDIT_LISTEN_NOT_VULN, "MaraDNS", port, version, "UDP");


if (report_verbosity > 0)
{
  report =
    '\n  Installed version : ' + version +
    '\n  Fixed version     : ' + fix +
    '\n';
  security_warning(port:port, proto:"udp", extra:report);
}
else security_warning(port:port, proto:"udp");
VendorProductVersionCPE
maradnsmaradnscpe:/a:maradns:maradns

Related

cve 1
debiancve 1
cvelist 1
nvd 1
cve
cve
CVE-2002-2097
2005-08-05 04:00:00
debiancve
debiancve
CVE-2002-2097
2005-08-05 04:00:00
cvelist
cvelist
CVE-2002-2097
2005-08-05 04:00:00
nvd
nvd
CVE-2002-2097
2002-12-31 05:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.8%

JSON
Related for MARADNS_0_9_01.NASL
cve1debiancve1cvelist1nvd1