CVE-2011-0520

The compressadddlabelpoints function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a...

CVE-2010-2444

parse/Csv2parse.c in MaraDNS 1.3.03, and other versions before 1.4.03, does not properly handle hostnames that do not end in a "." dot character, which allows remote attackers to cause a denial of service NULL pointer dereference via a crafted csv2 zone file...