CVE-2008-0061
https://notcve.org/view.php?id=CVE-2008-0061
MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04 allows remote attackers to cause a denial of service via a crafted DNS packet that prevents an authoritative name (CNAME) record from resolving, aka "improper rotation of resource records." MaraDNS 1.0 versiones anteriores a 1.0.41, 1.2 versiones anteriores a 1.2.12.08, y 1.3 versiones anteriores a 1.3.07.04 permite a atacantes remotos provocar una denegación de servicio mediante un paquete DNS manipulado que evita que un registro de nombre autorizado (CNAME) sea resuelto, también conocido como "rotación inapropiada de registros de recursos". • http://bugs.gentoo.org/show_bug.cgi?id=204351 http://maradns.blogspot.com/2007/08/maradns-update-all-versions.html http://secunia.com/advisories/28329 http://secunia.com/advisories/28334 http://secunia.com/advisories/28650 http://security.gentoo.org/glsa/glsa-200801-16.xml http://www.debian.org/security/2008/dsa-1445 http://www.maradns.org/changelog.html http://www.securityfocus.com/bid/27124 http://www.vupen.com/english/advisories/2008/0026 •
CVE-2007-3114
https://notcve.org/view.php?id=CVE-2007-3114
Memory leak in server/MaraDNS.c in MaraDNS before 1.2.12.05, and 1.3.x before 1.3.03, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3115 and CVE-2007-3116. Una pérdida de memoria en el archivo server/MaraDNS.c en MaraDNS versiones anteriores a 1.2.12.05, y versiones 1.3.x anteriores a 1.3.03, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) por medio de vectores no especificados, un conjunto de versiones afectadas diferentes de CVE-2007-3115 y CVE-2007-3116. • http://osvdb.org/37018 http://secunia.com/advisories/25406 http://secunia.com/advisories/25767 http://superb-west.dl.sourceforge.net/sourceforge/maradns/maradns-1.2.12.05.tar.gz http://www.debian.org/security/2007/dsa-1319 http://www.maradns.org/changelog.html http://www.securityfocus.com/bid/24337 • CWE-399: Resource Management Errors •
CVE-2007-3115
https://notcve.org/view.php?id=CVE-2007-3115
Multiple memory leaks in server/MaraDNS.c in MaraDNS before 1.2.12.06, and 1.3.x before 1.3.05, allow remote attackers to cause a denial of service (memory consumption) via (1) reverse lookups or (2) requests for records in a class other than Internet (IN), a different set of affected versions than CVE-2007-3114 and CVE-2007-3116. Múltiples perdidas de memoria en el archivo server/MaraDNS.c en MaraDNS anterior a la versión 1.2.12.06, y versión 1.3.x anterior a 1.3.05, permiten a los atacantes remotos causar una denegación de servicio (consumo de memoria) por medio de (1) búsquedas inversas o (2) peticiones de registros en una clase que no sea Internet (IN), un conjunto diferente de versiones afectadas que los CVE-2007-3114 y CVE-2007-3116. • http://osvdb.org/37017 http://secunia.com/advisories/25406 http://secunia.com/advisories/25767 http://superb-west.dl.sourceforge.net/sourceforge/maradns/maradns-1.2.12.06.tar.gz http://www.debian.org/security/2007/dsa-1319 http://www.maradns.org/changelog.html http://www.securityfocus.com/archive/1/471725/100/0/threaded http://www.securityfocus.com/bid/24337 http://www.securitytracker.com/id?1018201 http://www.vupen.com/english/advisories/2007/2263 • CWE-399: Resource Management Errors •
CVE-2007-3116
https://notcve.org/view.php?id=CVE-2007-3116
Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3114 and CVE-2007-3115. Una pérdida de memoria en el archivo server/MaraDNS.c en MaraDNS versiones 1.2.12.06 y 1.3.05, permite a atacantes remotos causar una denegación de servicio (consumo de memoria) por medio de vectores no especificados, un conjunto de versiones afectadas diferentes de CVE-2007-3114 y CVE-2007-3115. • http://maradns.blogspot.com/search/label/MaraDNS http://osvdb.org/37016 http://secunia.com/advisories/25767 http://www.debian.org/security/2007/dsa-1319 • CWE-399: Resource Management Errors •
CVE-2004-0789
https://notcve.org/view.php?id=CVE-2004-0789
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. • http://secunia.com/advisories/13145 http://securitytracker.com/id?1012157 http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf http://www.posadis.org/advisories/pos_adv_006.txt http://www.securityfocus.com/bid/11642 https://exchange.xforce.ibmcloud.com/vulnerabilities/17997 •