Red Hat Bugzilla – Bug 673573
CVE-2011-0520 MaraDNS: Heap-based buffer overflow by processing long DNS hostname with a large number of labels
Last modified: 2016-06-10 18:33:06 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-0520 to
the following vulnerability:
The compress_add_dlabel_points function in dns/Compress.c in MaraDNS
1.4.03, 1.4.05, and probably other versions allows remote attackers to
cause a denial of service (segmentation fault) and possibly execute
arbitrary code via a long DNS hostname with a large number of labels,
which triggers a heap-based buffer overflow.
Was not able to reproduce the issue based on reproducer details:
on the maradns-1.3.07.09-3.fc12.i686 version, but a look into the relevant
code part suggests:
this version is affected, and we should fix it.
Created maradns tracking bugs for this issue
Affects: fedora-all [bug 673574]
Upstream post with more details and the fix:
Fixed upstream in versions 1.4.06 and 1.3.07.11.
*** Bug 688987 has been marked as a duplicate of this bug. ***
This is still unfixed in Fedora 16, no longer shipped in Fedora 17+.
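The CVE description above attributes the overflow to a hostname with a large number of labels. As an added example (not MaraDNS code and not taken from this bug report), the C function below walks an uncompressed wire-format name and enforces the RFC 1035 limits plus an explicit label-count bound before each write. The fixed-size offset table and the names `label_table`, `index_labels` and `index_n_short_labels` are hypothetical, and the inputs are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_NAME_LEN  255  /* RFC 1035: whole name in wire format */
#define MAX_LABEL_LEN 63   /* RFC 1035: one label */
#define MAX_LABELS    127  /* 127 one-octet labels + root = 255 octets */

/* Hypothetical per-name table of label offsets (not a MaraDNS structure). */
struct label_table {
    size_t   count;
    uint16_t offset[MAX_LABELS];
};

/* Walk an uncompressed wire-format name in buf[0..len) and record each
 * label's offset. Returns the encoded length, or -1 if the name is
 * malformed or exceeds a limit. Never writes past t->offset. */
int index_labels(const uint8_t *buf, size_t len, struct label_table *t)
{
    size_t pos = 0;
    t->count = 0;
    while (pos < len) {
        uint8_t l = buf[pos];
        if (l == 0) return (int)(pos + 1);            /* root label ends the name */
        if (l > MAX_LABEL_LEN) return -1;             /* pointer or reserved bits */
        if (pos + 1 + l > len) return -1;             /* label runs past the input */
        if (pos + 1 + l >= MAX_NAME_LEN) return -1;   /* no room for the root octet */
        if (t->count >= MAX_LABELS) return -1;        /* table full: refuse the write */
        t->offset[t->count++] = (uint16_t)pos;
        pos += 1 + (size_t)l;
    }
    return -1;                                        /* no terminating root label */
}

/* Constructed input: n labels of one octet each ("a.a.a. ..."). */
int index_n_short_labels(size_t n, struct label_table *t)
{
    uint8_t buf[2 * 512 + 1];
    if (n > 512) return -1;
    for (size_t i = 0; i < n; i++) { buf[2 * i] = 1; buf[2 * i + 1] = 'a'; }
    buf[2 * n] = 0;
    return index_labels(buf, 2 * n + 1, t);
}

int main(void)
{
    struct label_table t;
    printf("127 labels: %d\n", index_n_short_labels(127, &t));
    printf("200 labels: %d\n", index_n_short_labels(200, &t));
    return 0;
}
```

The length limit alone already caps the label count at 127; the separate count check keeps the table write safe even if the limits are later changed independently.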