maradns maradns vulnerabilities and exploits

(subscribe to this query)

NA

MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an malicious user to cause a Denial of Service by triggering an abno...

Maradns Maradns Fedoraproject Fedora 37 Fedoraproject Fedora 38 Debian Debian Linux 10.0 Debian Debian Linux 11.0

NA

An issue exists in MaraDNS Deadwood up to and including 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would...

Maradns Maradns

4.3

CVSSv2

Deadwood prior to 2.3.09, 3.x prior to 3.2.05, and as used in MaraDNS prior to 1.4.14 and 2.x prior to 2.0.09, allow remote malicious users to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related ...

Maradns Project Maradns Deadwood Project Deadwood

4.3

CVSSv2

Deadwood prior to 2.3.09, 3.x prior to 3.2.05, and as used in MaraDNS prior to 1.4.14 and 2.x prior to 2.0.09, allow remote malicious users to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related ...

Maradns Project Maradns Deadwood Project Deadwood

4.3

CVSSv2

The resolver in MaraDNS prior to 1.3.0.7.15 and 1.4.x prior to 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote malicious users to trigger continued resolvability of revoked domain nam...

Maradns Maradns

2.1

CVSSv2

The authoritative server in MaraDNS up to and including 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a denial of service (CPU consumption) via crafted records in zone files,...

Maradns Maradns

7.8

CVSSv2

MaraDNS prior to 1.3.07.12 and 1.4.x prior to 1.4.08 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted queries with t...

Maradns Maradns

5

CVSSv2

MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without properly restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted queries with the Recursion De...

Maradns Maradns 1.4.08 Maradns Maradns 1.3.07.012

7.5

CVSSv2

The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labe...

Maradns Maradns 1.4.03 Maradns Maradns 1.4.05

Get Started

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook