FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-01 08:25:03 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
8015600f-2c80-11e0-9cc1-00163e5bf4f9	maradns -- denial of service when resolving a long DNS hostname MaraDNS developer Sam Trenholme reports: ... a mistake in allocating an array of integers, allocating it in bytes instead of sizeof(int) units. This resulted in a buffer being too small, allowing it to be overwritten. The impact of this programming error is that MaraDNS can be crashed by sending MaraDNS a single "packet of death". Since the data placed in the overwritten array cannot be remotely controlled (it is a list of increasing integers), there is no way to increase privileges exploiting this bug. Discovery 2011-01-23 Entry 2011-01-31 maradns < 1.4.06 45966 CVE-2011-0520 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834

VuXML ID

Description

8015600f-2c80-11e0-9cc1-00163e5bf4f9

maradns -- denial of service when resolving a long DNS hostname

MaraDNS developer Sam Trenholme reports:

... a mistake in allocating an array of integers, allocating it in bytes instead of sizeof(int) units. This resulted in a buffer being too small, allowing it to be overwritten. The impact of this programming error is that MaraDNS can be crashed by sending MaraDNS a single "packet of death". Since the data placed in the overwritten array cannot be remotely controlled (it is a list of increasing integers), there is no way to increase privileges exploiting this bug.

Discovery 2011-01-23
Entry 2011-01-31
maradns

< 1.4.06

45966
CVE-2011-0520
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834