The vulnerability of the decomp_get_rddata function in the Decompress.c file of the MaraDNS system’s software allows a attacker to perform a “denial-of-service” attack.

The vulnerability of the decompgetrddata function in the Decompress.c file of the MaraDNS system implementation is caused by a numerical overflow during the processing of DNS packets with an Answer RR qtype of 16 TXT record and any qclass. Exploiting this vulnerability could allow a remote attack...

Denial Of Service (DoS)

MaraDNS is vulnerable to The vulnerability exists in the decompgetrddata function within the Decompress.c file. When handling a DNS packet with an Answer RR due to improper validation, causing the program to attempt to allocate a massive chunk of memory that is impossible to allocate.resulting in...

CVE-2023-31137 MaraDNS Integer Underflow Vulnerability in DNS Packet Decompression

MaraDNS is open-source software that implements the Domain Name System DNS. In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination...