688987 – maradns: buffer overflow in compression handling leads to DoS

Bug 688987 - maradns: buffer overflow in compression handling leads to DoS

Summary: maradns: buffer overflow in compression handling leads to DoS

Keywords:
Status:	CLOSED DUPLICATE of bug 673573
Alias:	None
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-03-18 18:09 UTC by Vincent Danen
Modified:	2019-09-29 12:43 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-03-18 19:09:28 UTC
Embargoed:

Attachments	(Terms of Use)

Description Vincent Danen 2011-03-18 18:09:13 UTC

It was reported [1] that the compression code for MaraDNS contained a programming error where allocating an array of integers was allocated in bytes instead of sizeof(int) units.  This resulted in a buffer being too small, allowing it to be overwritten by sending MaraDNS a specially-crafted packet, which could crash MaraDNS.

MaraDNS 1.4.06 and 1.3.07.11 was released to correct this problems.  A patch to correct the flaw is included in the original report.

[1] http://thread.gmane.org/gmane.network.dns.maradns.general/1907

Comment 1 Vincent Danen 2011-03-18 18:10:51 UTC

The original report seems to be here:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834

Comment 2 Vincent Danen 2011-03-18 19:09:28 UTC


*** This bug has been marked as a duplicate of bug 673573 ***

Note You need to log in before you can comment on or make changes to this bug.