Published: 25/03/2002 Updated: 11/09/2008

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Domain Name Relay Daemon (dnrd) 2.10 and previous versions allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dnrd dnrd 2.3
dnrd dnrd 2.4
dnrd dnrd 2.5
dnrd dnrd 2.6
dnrd dnrd 1.0
dnrd dnrd 1.1
dnrd dnrd 1.2
dnrd dnrd 1.3
dnrd dnrd 1.4
dnrd dnrd 2.1
dnrd dnrd 2.2
dnrd dnrd 2.7
dnrd dnrd 2.9
dnrd dnrd 2.0
dnrd dnrd 2.10
dnrd dnrd 2.8

source: wwwsecurityfocuscom/bid/3928/info dnrd (Domain Name Relay Daemon) is a freely available, open-source proxy name server It will run on a number of Unix and Linux distributions There is a lack of sufficient bounds checking in DNS request and reply functions As a result, it is possible for a remote attacker to cause a denial of s ...

NVD-CWE-Other http://online.securityfocus.com/archive/1/251619 http://www.iss.net/security_center/static/7957.php http://www.securityfocus.com/bid/3928 https://nvd.nist.gov https://www.exploit-db.com/exploits/21236/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0140

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect