14 matches found
Fedora: Security Advisory (FEDORA-2023-3dd938a14d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : maradns (2023-3dd938a14d)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3dd938a14d advisory. Automatic update for maradns-3.5.0036-1.fc39. Changelog Tue May 16 2023 Tomasz Torcz - 3.5.0036-1 - new version 3.5.0036 rhbz2149110, rhbz2180267 -...
Ubuntu: Security Advisory (USN-6271-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6271-1: MaraDNS vulnerabilities
Xiang Li discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. CVE-2022-30256 Huascar Tejeda discovered that MaraDNS...
[SECURITY] [DSA 5441-1] maradns security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5441-1 [email protected] https://www.debian.org/security/ Aron Xu June 29, 2023 https://www.debian.org/security/faq - -------------------------------------------------------------------------...
Debian DSA-5441-1 : maradns - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5441 advisory. - An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be...
[SECURITY] [DLA 3457-1] maradns security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3457-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès June 19, 2023 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DLA-3457-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for maradns (FEDORA-2023-0c012f6245)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : maradns (2023-0c012f6245)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0c012f6245 advisory. Security fix for CVE-2023-31137, CVE-2022-30256 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
Fedora 37 : maradns (2023-cdce244fb8)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-cdce244fb8 advisory. Security fix for CVE-2023-31137, CVE-2022-30256 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
CVE-2023-31137 MaraDNS Integer Underflow Vulnerability in DNS Packet Decompression
MaraDNS is open-source software that implements the Domain Name System DNS. In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination...
CVE-2023-31137 MaraDNS Integer Underflow Vulnerability in DNS Packet Decompression
MaraDNS is open-source software that implements the Domain Name System DNS. In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination...
CVE-2023-31137
MaraDNS (Deadwood) suffers a remote DoS in versions 3.5.0024 and earlier due to an integer underflow in Decompress.c decomp_get_rddata when handling TXT records. If rdlength < total, len becomes negative and is passed to decomp_append_bytes, causing an attempted massive allocation and an exit ...