Buffer Overflow Vulnerability in MaraDNS by Nick F.
CVE-2011-0520

Currently unrated

Key Information:

Vendor

Maradns

Status
Maradns
Vendor
CVE Published:
28 January 2011

What is CVE-2011-0520?

The compress_add_dlabel_points function in MaraDNS allows remote attackers to trigger a denial of service due to a heap-based buffer overflow caused by overly long DNS hostnames. This vulnerability may also allow for arbitrary code execution, making it critical for users to apply updates and mitigate potential risks.

References

http://www.vupen.com/english/advisories/2011/0699
vdb-entryx_refsource_VUPEN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2011/01/24/1
mailing-listx_refsource_MLIST

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.