Lucene search

GoogleOSV:DSA-1319-1

HistoryJun 23, 2007 - 12:00 a.m.

maradns

2007-06-2300:00:00

Google

osv.dev

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

JSON

Several remote vulnerabilities have been discovered in MaraDNS, a simple
security-aware Domain Name Service server. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2007-3114
It was discovered that malformed DNS requests can trigger memory
leaks, allowing denial of service.
CVE-2007-3115
It was discovered that malformed DNS requests can trigger memory
leaks, allowing denial of service.
CVE-2007-3116
It was discovered that malformed DNS requests can trigger memory
leaks, allowing denial of service.

The oldstable distribution (sarge) is not affected by these problems.

For the stable distribution (etch) these problems have been fixed
in version 1.2.12.04-1etch1.

For the unstable distribution (sid) these problems have been fixed in
version 1.2.12.06-1.

We recommend that you upgrade your maradns packages.

CPENameOperatorVersion
maradnseq1.2.12.04-1

CPE	Name	Operator	Version
	maradns	eq	1.2.12.04-1

References

www.debian.org/security/2007/dsa-1319

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

JSON

Related for OSV:DSA-1319-1