CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without properly restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted queries with the Recursion Desired RD bit set. NOTE:...

7.8CVSS6.9AI score0.02888EPSS

Exploits0References1

OSV•added 2022/11/19 12:15 a.m.•8 views

CVE-2022-30256

An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and...

7.5CVSS7.4AI score0.0089EPSS

Exploits0References6

NVD•added 2012/01/08 12:55 a.m.•11 views

CVE-2012-0024

MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted queries with the Recursion Desired RD bit s...

7.8CVSS6.3AI score0.02888EPSS

Exploits0References4

UbuntuCve•added 2012/01/08 12:55 a.m.•29 views

CVE-2011-5055

5CVSS5.9AI score0.01577EPSS

Exploits0References2

OSV•added 2011/01/28 4:0 p.m.•7 views

CVE-2011-0520

The compressadddlabelpoints function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a...

7.6AI score

Exploits0References10

FreeBSD•added 2008/01/04 12:0 a.m.•17 views

maradns -- CNAME record resource rotation denial of service

Secunia reports: A vulnerability has been reported in MaraDNS, which can be exploited by malicious people to cause a Denial of Service. The vulnerability is caused due to an error within the handling of certain DNS packets. This can be exploited to cause a resource rotation by sending specially...

5CVSS6.2AI score0.02113EPSS

Exploits0References2

UbuntuCve•added 2008/01/03 10:46 p.m.•15 views

CVE-2008-0061

MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04 allows remote attackers to cause a denial of service via a crafted DNS packet that prevents an authoritative name CNAME record from resolving, aka "improper rotation of resource records."...

5CVSS5.9AI score0.02113EPSS

Exploits0References1

CVE•added 2007/06/07 9:0 p.m.•49 views

CVE-2007-3114

CVE-2007-3114, CVE-2007-3115, and CVE-2007-3116 describe remote memory-leak DoS vulnerabilities in MaraDNS. The memory leaks are triggered by malformed DNS requests or specific packet field values, enabling a remote attacker to exhaust memory and cause denial of service. Affected are MaraDNS vers...

5CVSS6.3AI score0.01745EPSS

Exploits0References7Affected Software1

NVD•added 2002/12/31 5:0 a.m.•15 views

CVE-2002-2097

The compression code in MaraDNS before 0.9.01 allows remote attackers to cause a denial of service via crafted DNS packets...

5CVSS6.8AI score0.01616EPSS

Exploits0References3

OSV•added 2002/12/31 5:0 a.m.•4 views

CVE-2002-2097

The compression code in MaraDNS before 0.9.01 allows remote attackers to cause a denial of service via crafted DNS packets...

7AI score

Exploits0References4