CVE-2026-40684

A flaw was found in Exim, specifically on systems utilizing musl libc. A remote attacker can exploit this vulnerability by providing malformed DNS data within PTR records. This can lead to the mail transfer agent MTA connection instance crashing, resulting in a Denial of Service DoS for affected...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc (not glibc), a vulnerability can crash the connection instance when malformed DNS PTR data is present. The issue arises from a dn_expand octal printing oddity in the handling of PTR records, as described in multiple sources. Affected software/comp...

CVE-2026-40684

In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...

UBUNTU-CVE-2014-3484

Multiple stack-based buffer overflows in the dnexpand function in network/dnexpand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to 1 have unspecified impact via an invalid name length in a DNS response or 2 cause a denial of service crash via an invalid name...

Oracle: Security Advisory (ELSA-2007-0674)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: perl-Net-DNS security update

0.31-4.el3 - Resolves: rhbz245616 - Backport patch to fix dnexpand looping issue - Backport patch to randomize ID field - Also allow disabling of online tests...

Moderate: perl-Net-DNS security update

0.48-2 - Resolves: rhbz245618 - Backport patch to fix dnexpand looping issue - Backport patch to randomize ID field...

BIND memcpy not bounded in case T_SIG of rrextract()

Overview Version 8.2.2 of BIND current circa November 1999 contained a buffer overflow in the routine that converts records from network format to database format. Description Version 8.2.2 of BIND includes some checks for the correct format of a signature record in DNSSEC that previous versions...