CVE-2011-5056Uncontrolled Resource Consumption in Maradns

CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 76.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
MaradnsDebian Maradns
Timeline
PublishedJan 8
Latest updateMay 13

Description

The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a denial of service (CPU consumption) via crafted records in zone files, a different vulnerability than CVE-2012-0024.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDmaradns/maradns2.0.04

Patches

Patch: samiam.orgPatch: samiam.org

🔴Vulnerability Details

1
GHSA
GHSA-p696-w4f9-fqc3: The authoritative server in MaraDNS through 22022-05-13

📋Vendor Advisories

1
Debian
CVE-2011-5056: maradns - The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS ...2011

💬Community

1
Bugzilla
CVE-2011-5056 CVE-2012-0024 maradns: hash table collisions CPU usage DoS2012-01-03
CVE-2011-5056 — Uncontrolled Resource Consumption | cvebase