Lucene search
Ubuntu.comUB:CVE-2011-0520HistoryJan 28, 2011 - 12:00 a.m.
CVE-2011-0520
2011-01-2800:00:00
ubuntu.com
ubuntu.com
7
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.131
Percentile
95.5%
The compress_add_dlabel_points function in dns/Compress.c in MaraDNS
1.4.03, 1.4.05, and probably other versions allows remote attackers to
cause a denial of service (segmentation fault) and possibly execute
arbitrary code via a long DNS hostname with a large number of labels, which
triggers a heap-based buffer overflow.
Bugs
Related
openvas
openvas
Debian Security Advisory DSA 2196-1 (maradns)
2011-05-12 00:00:00
Debian: Security Advisory (DSA-2196-1)
2011-05-12 00:00:00
FreeBSD Ports: maradns
2011-03-05 00:00:00
nessus
nessus
MaraDNS < 1.3.07.11 / 1.4.x < 1.4.06 / 2.0.x < 2.0.02 compress_add_dlabel_points Function Buffer Overflow
2014-04-11 00:00:00
GLSA-201111-06 : MaraDNS: Arbitrary code execution
2011-11-22 00:00:00
Debian DSA-2196-1 : maradns - buffer overflow
2011-03-21 00:00:00
securityvulns
securityvulns
MaraDNS buffer overflow
2011-11-27 00:00:00
prion
prion
Heap overflow
2011-01-28 16:00:00
gentoo
gentoo
MaraDNS: Arbitrary code execution
2011-11-20 00:00:00
nvd
nvd
CVE-2011-0520
2011-01-28 16:00:04
freebsd
freebsd
maradns -- denial of service when resolving a long DNS hostname
2011-01-23 00:00:00
debian
debian
[SECURITY] [DSA 2196-1] maradns security update
2011-03-19 23:50:18
debiancve
debiancve
CVE-2011-0520
2011-01-28 16:00:04
cvelist
cvelist
CVE-2011-0520
2011-01-28 15:00:00
cve
cve
CVE-2011-0520
2011-01-28 16:00:04
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.131
Percentile
95.5%
Related for UB:CVE-2011-0520