CVE-2011-0520 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Maradns

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents5 sources

Severity

7.5HIGHNVD

EPSS

6.2%

top 9.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Maradns Debian Maradns

Timeline

PublishedJan 28

Latest updateMay 17

Description

The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a heap-based buffer overflow.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/maradns< maradns 1.4.03-1.1 (bullseye)

▶Debianmaradns/maradns< 1.4.03-1.1

▶NVDmaradns/maradns1.4.03, 1.4.05+1

🔴Vulnerability Details

GHSA

GHSA-7vq7-qcwq-j3vc: The compress_add_dlabel_points function in dns/Compress↗2022-05-17

▶

OSV

CVE-2011-0520: The compress_add_dlabel_points function in dns/Compress↗2011-01-28

▶

📋Vendor Advisories

Debian

CVE-2011-0520: maradns - The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4...↗2011

▶

💬Community

Bugzilla

CVE-2011-0520 MaraDNS: Heap-based buffer overflow by processing long DNS hostname with a large number of labels [fedora-16]↗2011-01-28

▶

Bugzilla

CVE-2011-0520 MaraDNS: Heap-based buffer overflow by processing long DNS hostname with a large number of labels↗2011-01-28

▶