17 matches found
Astra Linux – Vulnerability in ldns
When ldns version 1.7.1 verifies a zone file, the ldnsrrnewfrmstrinternal function has a heap out-of-bounds read vulnerability. An attacker can leak information from the heap by constructing a zone file payload...
SUSE CVE-2026-10846
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...
UBUNTU-CVE-2026-10846
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...
EUVD-2020-11757
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-19861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a zone file in ldns 1.7.1 is parsed, the function ldnsnsec3saltdata is too trusted for the length value obtained from the zone file. When the memcpy is...
SUSE CVE-2011-3581
Heap-based buffer overflow in the ldnsrrnewfrmstrinternal function in ldns before 1.6.11 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Resource Record RR with an unknown type containing input that is longer than a specified length...
USN-5257-2 ldns vulnerabilities
USN-5257-1 fixed several vulnerabilities in ldns. This update provides the corresponding update for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. Original advisory details: It was discovered that ldns incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive...
CVE-2017-1000231
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors...
CVE-2017-1000231
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors...
Double free
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors...
CVE-2017-1000232
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors...
CVE-2017-1000231
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors...
CVE-2017-1000231
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors...
CVE-2017-1000232
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors...
CVE-2017-1000231
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors...
DEBIAN-CVE-2011-3581
Heap-based buffer overflow in the ldnsrrnewfrmstrinternal function in ldns before 1.6.11 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Resource Record RR with an unknown type containing input that is longer than a specified length...
CVE-2009-1086
Heap-based buffer overflow in the ldnsrrnewfrmstrinternal function in ldns 1.4.x allows remote attackers to cause a denial of service memory corruption and possibly execute arbitrary code via a DNS resource record RR with a long 1 class field clas variable and possibly 2 TTL field...