VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-2444

maradns: parse/Csv2_parse.c in MaraDNS 1.3.03, and other ver...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2444

Original

parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before 1.4.03, does not properly handle hostnames that do not end in a "." (dot) character, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted csv2 zone file.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-06-25

Source Information Category:

Advisory, Alert

Last Updated:

2010-06-28

Affected Product Tags

cpe:/a:maradns:maradns:1.3.03

cpe:/a:maradns:maradns:1.3.04

cpe:/a:maradns:maradns:1.3.05

cpe:/a:maradns:maradns:1.3.06

cpe:/a:maradns:maradns:1.3.07.01

cpe:/a:maradns:maradns:1.3.07.02

cpe:/a:maradns:maradns:1.3.07.03

cpe:/a:maradns:maradns:1.3.07.04

cpe:/a:maradns:maradns:1.3.07.05

cpe:/a:maradns:maradns:1.3.07.06

cpe:/a:maradns:maradns:1.3.07.07

cpe:/a:maradns:maradns:1.3.07.08

cpe:/a:maradns:maradns:1.3.07.09

cpe:/a:maradns:maradns:1.3.08

cpe:/a:maradns:maradns:1.3.09

cpe:/a:maradns:maradns:1.3.10

cpe:/a:maradns:maradns:1.3.11

cpe:/a:maradns:maradns:1.3.12

cpe:/a:maradns:maradns:1.3.13

cpe:/a:maradns:maradns:1.3.14

cpe:/a:maradns:maradns:1.4.01

cpe:/a:maradns:maradns:1.4.02

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

CONFIRM http://maradns.org/download/maradns-1.4.02-parse_segfault.patch

MLIST [oss-security] 20100610 CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvirc

MLIST [oss-security] 20100624 Re: CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvirc

Vulnerability Type Other (NVD-CWE-Other)