Published: 27/07/2012 Updated: 22/12/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

query.c in NSD 3.0.x up to and including 3.0.8, 3.1.x up to and including 3.1.1, and 3.2.x prior to 3.2.12 allows remote malicious users to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nlnetlabs nsd 3.0.2
nlnetlabs nsd 3.0.1
nlnetlabs nsd 3.0.0
nlnetlabs nsd 3.0.8
nlnetlabs nsd 3.0.7
nlnetlabs nsd 3.0.4
nlnetlabs nsd 3.0.3
nlnetlabs nsd 3.0.6
nlnetlabs nsd 3.0.5
nlnetlabs nsd 3.1.1
nlnetlabs nsd 3.1.0
nlnetlabs nsd 3.2.5
nlnetlabs nsd 3.2.6
nlnetlabs nsd 3.2.3
nlnetlabs nsd 3.2.4
nlnetlabs nsd 3.2.7
nlnetlabs nsd 3.2.8
nlnetlabs nsd 3.2.9
nlnetlabs nsd 3.2.1
nlnetlabs nsd 3.2.0
nlnetlabs nsd 3.2.10

Marek Vavruša and Lubos Slovak discovered that NSD, an authoritative domain name server, is not properly handling non-standard DNS packets This can result in a NULL pointer dereference and crash the handling process A remote attacker can abuse this flaw to perform denial of service attacks For the stable distribution (squeeze), this problem has ...

CWE-119 http://www.nlnetlabs.nl/downloads/CVE-2012-2978.txt http://www.kb.cert.org/vuls/id/624931 http://www.securityfocus.com/bid/54606 http://www.debian.org/security/2012/dsa-2515 http://secunia.com/advisories/49997 http://secunia.com/advisories/49795 http://osvdb.org/84097 https://www.debian.org/security/./dsa-2515 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2978

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect