CVE-2012-0024

MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted queries with the Recursion Desired (RD) bit set.
References
Link Resource
http://openwall.com/lists/oss-security/2012/01/03/13 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2012/01/03/6 Mailing List Third Party Advisory
http://samiam.org/blog/20111229.html Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=771428 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:maradns:maradns:*:*:*:*:*:*:*:*
cpe:2.3:a:maradns:maradns:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-01-08 00:55

Updated : 2024-02-04 17:54


NVD link : CVE-2012-0024

Mitre link : CVE-2012-0024

CVE.ORG link : CVE-2012-0024


JSON object : View

Products Affected

maradns

  • maradns
CWE
CWE-400

Uncontrolled Resource Consumption