Marek Vavruša and Lubos Slovak discovered that NSD, an authoritative domain name server, is not properly handling non-standard DNS packets. This can result in a NULL pointer dereference and crash the handling process. A remote attacker can abuse this flaw to perform denial of service attacks. For the stable distribution (squeeze), this problem has been fixed in version 3.2.5-1.squeeze2. For the testing distribution (wheezy), this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 3.2.12-1. We recommend that you upgrade your nsd3 packages.
Marek Vavruša and Lubos Slovak discovered that NSD, an authoritative domain name server, is not properly handling non-standard DNS packets. This can result in a NULL pointer dereference and crash the handling process. A remote attacker can abuse this flaw to perform denial of service attacks.
For the stable distribution (squeeze), this problem has been fixed in version 3.2.5-1.squeeze2.
For the testing distribution (wheezy), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 3.2.12-1.
We recommend that you upgrade your nsd3 packages.
Vulmon