Denial of Service Vulnerability in MaraDNS by Samia
CVE-2011-5055

Currently unrated

Key Information:

Vendor: Maradns
Status: Maradns
Vendor: CVE Published:; 8 January 2012

What is CVE-2011-5055?

MaraDNS versions 1.3.07.12 and 1.4.08 are susceptible to a denial of service vulnerability arising from improperly handled hash values for DNS data. This flaw allows remote attackers to exploit the application by sending a barrage of crafted DNS queries with the Recursion Desired (RD) bit enabled. The resulting hash collisions lead to significant CPU consumption, which can degrade system performance and render the DNS service unresponsive. This issue persists due to an incomplete fix related to a previous vulnerability. Organizations utilizing affected versions of MaraDNS should take immediate action to mitigate the risk.

References

http://samiam.org/blog/20111230.html

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=771428

x_refsource_CONFIRM

http://openwall.com/lists/oss-security/2012/01/03/6

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 8, 2012

CVE-2011-5055 Data

JSON

Maradns

What is CVE-2011-5055?

References

Timeline