Buffer Overrun Vulnerability in adns by Chiark Greenend
CVE-2017-9107
7.5HIGH
What is CVE-2017-9107?
A vulnerability in adns before version 1.5.2 allows for a buffer overrun when a domain ends with a backslash. The flaw occurs in the qdparselabel function, which improperly reads bytes beyond the bounds of the provided buffer if the escape sequence is misinterpreted. This can cause the software to exhaust memory and potentially crash, thereby enabling a denial of service attack. Administrators are urged to apply necessary patches to prevent exploitation of this flaw.