7 matches found
GLSA-201111-06 : MaraDNS: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201111-06 MaraDNS: Arbitrary code execution A long DNS hostname with a large number of labels could trigger a buffer overflow in the compressadddlabelpoints function of dns/Compress.c. Impact : A remote unauthenticated attacker...
Debian DSA-2196-1 : maradns - buffer overflow
Witold Baryluk discovered that MaraDNS, a simple security-focused Domain Name System server, may overflow an internal buffer when handling requests with a large number of labels, causing a server crash and the consequent denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
[SECURITY] [DSA 2196-1] maradns security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2196-1 [email protected] http://www.debian.org/security/ Raphael Geissert March 19, 2011 http://www.debian.org/security/faq -...
FreeBSD Ports: maradns
The remote host is missing an update to the system as announced in the referenced advisory. VID 8015600f-2c80-11e0-9cc1-00163e5bf4f9 OpenVAS Vulnerability Test $ Description: Auto generated from VID 8015600f-2c80-11e0-9cc1-00163e5bf4f9 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
FreeBSD Ports: maradns
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2011-0520
The compressadddlabelpoints function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a...
CVE-2011-0520
The MaraDNS vulnerability CVE-2011-0520 affects MaraDNS 1.4.x (notably 1.4.03 and 1.4.05) where the compress_add_dlabel_points() routine in dns/Compress.c can overflow a heap buffer when handling a long DNS hostname with many labels. This remote, unauthenticated issue could crash the server or po...