5 matches found
openSUSE Security Update : unbound (unbound-840)
This update fixes a heap-based buffer overflow in the ldnsrrnewfrmstrinternal function. This allowed remote attackers to cause a denial of service and possibly execute arbitrary code via a DNS resource record RR with a long class field and possibly TTL field. CVE-2009-1086 %NASLMINLEVEL 70300 C...
Debian Security Advisory DSA 1795-1 (ldns)
The remote host is missing an update to ldns announced via advisory DSA 1795-1. OpenVAS Vulnerability Test $Id: deb17951.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1795-1 ldns Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Debian DSA-1795-1 : ldns - buffer overflow
Stefan Kaltenbrunner discovered that ldns, a library and set of utilities to facilitate DNS programming, did not correctly implement a buffer boundary check in its RR DNS record parser. This weakness could enable overflow of a heap buffer if a maliciously-crafted record is parsed, potentially...
[SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1795 [email protected] http://www.debian.org/security/ Devin Carraway May 07, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------...
CVE-2009-1086
CVE-2009-1086 affects ldns: a heap-based buffer overflow in ldns_rr_new_frm_str_internal in ldns 1.4.x can be triggered by a DNS RR with a long class field (and possibly TTL), leading to denial of service and potential arbitrary code execution. Public docs indicate the issue arises during parsing...