RSS   Podatności dla 'LDNS'   RSS

2017-11-16
 
CVE-2017-1000232

CWE-415
 

 
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.

 
 
CVE-2017-1000231

CWE-415
 

 
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.

 
2014-11-15
 
CVE-2014-3209

CWE-264
 

 
The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.

 
2011-11-04
 
CVE-2011-3581

 

 
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length.

 
2009-03-25
 
CVE-2009-1086

CWE-399
 

 
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field.

 

 >>> Vendor: Nlnetlabs 5 Produkty
LDNS
NSD
Unbound
Name server daemon
Routinator


Copyright 2021, cxsecurity.com

 

Back to Top