CVE-2012-0024

Priority
Medium
Description
MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for
DNS data without restricting the ability to trigger hash collisions
predictably, which allows remote attackers to cause a denial of service
(CPU consumption) by sending many crafted queries with the Recursion
Desired (RD) bit set.
References
Bugs
Package
Upstream:released (1.4.08)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (2.0.04+really1.4.09-1)
Ubuntu 12.10 (Quantal Quetzal):not-affected (2.0.04+really1.4.09-1)
Ubuntu 13.04 (Raring Ringtail):not-affected (2.0.04+really1.4.09-1)
Ubuntu 13.10 (Saucy Salamander):not-affected (2.0.04+really1.4.09-1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (2.0.04+really1.4.09-1)
Patches:
Upstream:http://maradns.org/download/patches/maradns-1.3-better_hash.patch
More Information

Valid XHTML 1.0 Strict

Updated: 2013-12-20 21:16:56 UTC (commit 7585)