CVE-2010-2444

Priority
Medium
Description
parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before 1.4.03,
does not properly handle hostnames that do not end in a "." (dot)
character, which allows remote attackers to cause a denial of service (NULL
pointer dereference) via a crafted csv2 zone file.
References
Bugs
Package
Upstream:released (1.4.03)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (1.4.03-1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (1.4.03-1)
Patches:
Upstream:http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:38:43 UTC (commit 9756)