NotCVE - vendor:"Maradns" product:"Maradns" version:"0.9.00"

Page 2 of 8 results (0.005 seconds)

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2011-5056

https://notcve.org/view.php?id=CVE-2011-5056

The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a denial of service (CPU consumption) via crafted records in zone files, a different vulnerability than CVE-2012-0024. El servidor autoritativo en maraDNS hasta la versión v2.0.04 calcula los valores hash de los datos del DNS sin restringir la capacidad de obtener colisiones de hash de una forma predecible. Esto podría permitir a usuarios locales provocar una denegación de servicio (consumo de CPU) a través de registros debidamente modificados en los archivos de zona. Se trata de una vulnerabilidad diferente a CVE-2012-0024. • http://samiam.org/blog/20111229.html http://www.securitytracker.com/id?1026820 https://exchange.xforce.ibmcloud.com/vulnerabilities/72258 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2012-0024

https://notcve.org/view.php?id=CVE-2012-0024

MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted queries with the Recursion Desired (RD) bit set. MaraDNS antes de v1.3.07.12 y v1.4.x antes de v1.4.08 calcula los valores hash de los datos del DNS sin restringir la capacidad de obtener colisiones hash de una forma predecible. Esto permite a atacantes remotos provocar una denegación de servicio (por consumo de CPU) mediante el envío de muchas consultas debidamente modificadas con el bit Recursion Desired (recursividad deseada - RD) activado. • http://openwall.com/lists/oss-security/2012/01/03/13 http://openwall.com/lists/oss-security/2012/01/03/6 http://samiam.org/blog/20111229.html https://bugzilla.redhat.com/show_bug.cgi?id=771428 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2002-2097

https://notcve.org/view.php?id=CVE-2002-2097

The compression code in MaraDNS before 0.9.01 allows remote attackers to cause a denial of service via crafted DNS packets. • http://securitytracker.com/id?1003252 http://www.securityfocus.com/bid/3852 https://exchange.xforce.ibmcloud.com/vulnerabilities/7972 •

1 2