Executive Summary
Summary | |
---|---|
Title | NSD vulnerable to one-byte overflow |
Informations | |||
---|---|---|---|
Name | VU#710316 | First vendor Publication | 2009-05-20 |
Vendor | VU-CERT | Last vendor Modification | 2009-06-01 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | N/A | Attack Range | N/A |
Cvss Impact Score | N/A | Attack Complexity | N/A |
Cvss Expoit Score | N/A | Authentication | N/A |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#710316NSD vulnerable to one-byte overflowOverviewA vulnerability exists in the way NSD processes certain types of packets that may lead to a one-byte buffer overflow.I. DescriptionName server daemon (NSD) is an open source name server developed by NLnet Labs. NSD contains an off-by-one error that can cause a one-byte buffer overflow when certain packets are processed. The vulnerability exits in the packet_read_query_section() function in packet.c in versions 3.x and in the process_query_section() function in query.c in versions 2.x.Note that this issue affects NSD versions 2.0.0 through 3.2.1.
References
This issue was reported in NLnet Labs NSD Announcement. This document was written by Chris Taschner.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/710316 |
Alert History
Date | Informations |
---|---|
2014-02-17 12:08:08 |
|
2013-02-06 19:08:32 |
|