Denial of Service Vulnerability in MaraDNS Server by Afilias
CVE-2011-5056

Currently unrated

Key Information:

Vendor: Maradns
Status: Maradns
Vendor: CVE Published:; 8 January 2012

What is CVE-2011-5056?

A vulnerability in MaraDNS allows local users to create specially crafted DNS records that exploit hash collision weaknesses in the authoritative server. This can lead to significant CPU consumption, effectively causing a denial of service. The vulnerability originates from the server's inability to restrict predictable hash collisions when computing hash values for DNS data, resulting in potential service interruption.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/72258

vdb-entryx_refsource_XF

http://samiam.org/blog/20111229.html

x_refsource_CONFIRM

http://www.securitytracker.com/id?1026820

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 8, 2012
Vulnerability Reserved
Jan 7, 2012

CVE-2011-5056 Data

JSON

Maradns

What is CVE-2011-5056?

References

Timeline