CVE-2010-2444
Priority
Medium
Description
parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before 1.4.03,
does not properly handle hostnames that do not end in a "." (dot)
character, which allows remote attackers to cause a denial of service (NULL
pointer dereference) via a crafted csv2 zone file.
does not properly handle hostnames that do not end in a "." (dot)
character, which allows remote attackers to cause a denial of service (NULL
pointer dereference) via a crafted csv2 zone file.
Package
| Upstream: | released (1.4.03) |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needed |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (1.4.03-1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (1.4.03-1) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (1.4.03-1) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (1.4.03-1) |
Patches:
| Upstream: | http://maradns.org/download/maradns-1.4.02-parse_segfault.patch |