Common Vulnerabilities and Exposures assigned an identifier CVE-2011-0520 to the following vulnerability: The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a heap-based buffer overflow. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0520 [2] http://www.openwall.com/lists/oss-security/2011/01/24/1 [3] http://www.openwall.com/lists/oss-security/2011/01/24/6 [4] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834 [5] http://www.securityfocus.com/bid/45966 [6] http://osvdb.org/70630 [7] http://secunia.com/advisories/43027 [8] http://xforce.iss.net/xforce/xfdb/64885
Was not able to reproduce the issue based on reproducer details: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834#5 on maradns-1.3.07.09-3.fc12.i686 version, but look into the relevant code part suggest: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834#28 this version is affected, and we should fix it.
Created maradns tracking bugs for this issue Affects: fedora-all [bug 673574]
Upstream post with more details and the fix: http://woodlane.webconquest.com/pipermail/list/2011-January/000784.html Fixed upstream in versions 1.4.06 and 1.3.07.11.
*** Bug 688987 has been marked as a duplicate of this bug. ***
This is still unfixed in Fedora 16, no longer shipped in Fedora 17+.