UBUNTU-CVE-2014-3484

Multiple stack-based buffer overflows in the dnexpand function in network/dnexpand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to 1 have unspecified impact via an invalid name length in a DNS response or 2 cause a denial of service crash via an invalid name...

BIND memcpy not bounded in case T_SIG of rrextract()

Overview Version 8.2.2 of BIND current circa November 1999 contained a buffer overflow in the routine that converts records from network format to database format. Description Version 8.2.2 of BIND includes some checks for the correct format of a signature record in DNSSEC that previous versions...