Debian: DSA-2196-1: maradns security update
Debian: DSA-2196-1: maradns security update
Witold Baryluk discovered that MaraDNS, a simple security-focused Domain Name Service server, may overflow an internal buffer when handling requests with a large number of labels, causing a server crash and the consequent denial of service.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2196-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Raphael Geissert March 19, 2011 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : maradns Vulnerability : buffer overflow Problem type : remote Debian-specific: no CVE ID : CVE-2011-0520 Debian Bug : 610834 Witold Baryluk discovered that MaraDNS, a simple security-focused Domain Name Service server, may overflow an internal buffer when handling requests with a large number of labels, causing a server crash and the consequent denial of service. For the oldstable distribution (lenny), this problem has been fixed in version 1.3.07.09-2.1. For the stable distribution (squeeze) and greater this problem had already been fixed in version 1.4.03-1.1. We recommend that you upgrade your maradns packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.