CVE-2012-0024

MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted queries with the Recursion Desired (RD) bit set.
References
Link Resource
http://openwall.com/lists/oss-security/2012/01/03/6 Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=771428 Issue Tracking Third Party Advisory
http://openwall.com/lists/oss-security/2012/01/03/13 Mailing List Third Party Advisory
http://samiam.org/blog/20111229.html Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:maradns:maradns:*:*:*:*:*:*:*:*
cpe:2.3:a:maradns:maradns:*:*:*:*:*:*:*:*

Information

Published : 2012-01-07 16:55

Updated : 2020-08-19 12:41


NVD link : CVE-2012-0024

Mitre link : CVE-2012-0024


JSON object : View

CWE
CWE-400

Uncontrolled Resource Consumption

Advertisement

dedicated server usa

Products Affected

maradns

  • maradns