CVE-2009-1755

Publication date 22 May 2009

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer overflow.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
nsd 11.10 oneiric Not in release
11.04 natty Not in release
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic
Not affected
9.04 jaunty Ignored end of life
8.10 intrepid
Fixed 2.3.7-1.1+lenny1build0.8.10.1
8.04 LTS hardy Ignored end of life
6.06 LTS dapper Ignored end of life
nsd3 11.10 oneiric
Not affected
11.04 natty
Not affected
10.10 maverick
Not affected
10.04 LTS lucid
Not affected
9.10 karmic Ignored end of life
9.04 jaunty Ignored end of life
8.10 intrepid Ignored end of life, was needs-triage
8.04 LTS hardy Ignored end of life
6.06 LTS dapper Not in release