Paul A. Rombouts PDNSD Unspecified Buffer Overflow Vulnerability
BID:17720
Info
Paul A. Rombouts PDNSD Unspecified Buffer Overflow Vulnerability
| Bugtraq ID: | 17720 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2006-2077 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 27 2006 12:00AM |
| Updated: | Dec 05 2006 06:59PM |
| Credit: | This issue was disclosed by the vendor. |
| Vulnerable: |
pdnsd pdnsd 1.2.3 -par pdnsd pdnsd 1.2.2 -par pdnsd pdnsd 1.2.1 -par pdnsd pdnsd 1.1.11 -par pdnsd pdnsd 1.1.10 -par pdnsd pdnsd 1.1.8 b1-par8 pdnsd pdnsd 1.1.8 b1-par6 pdnsd pdnsd 1.1.8 b1-par5 pdnsd pdnsd 1.1.7 a pdnsd pdnsd 1.1.6 pdnsd pdnsd 1.1.5 pdnsd pdnsd 1.1.4 pdnsd pdnsd 1.1.3 pdnsd pdnsd 1.1.2 pdnsd pdnsd 1.1.1 pdnsd pdnsd 1.1 pdnsd pdnsd 1.0.15 pdnsd pdnsd 1.0.13 Gentoo Linux |
| Not Vulnerable: |
pdnsd pdnsd 1.2.4 -par |
Discussion
Paul A. Rombouts PDNSD Unspecified Buffer Overflow Vulnerability
The pdnsd DNS server is prone to an unspecified buffer-overflow vulnerability. A successful exploit may result in a denial of service or arbitrary code execution.
Details regarding the precise nature of this vulnerability are not currently available. This record will be updated when more information is available.
The pdnsd DNS server is prone to an unspecified buffer-overflow vulnerability. A successful exploit may result in a denial of service or arbitrary code execution.
Details regarding the precise nature of this vulnerability are not currently available. This record will be updated when more information is available.
Exploit / POC
Paul A. Rombouts PDNSD Unspecified Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Paul A. Rombouts PDNSD Unspecified Buffer Overflow Vulnerability
Solution:
The vendor has released version 1.2.4-par to address this issue.
Please see referenced advisories for more information and fixes.
pdnsd pdnsd 1.1.5
pdnsd pdnsd 1.1.6
pdnsd pdnsd 1.1.7 a
pdnsd pdnsd 1.1.8 b1-par8
pdnsd pdnsd 1.1.8 b1-par6
pdnsd pdnsd 1.1.8 b1-par5
pdnsd pdnsd 1.2.1 -par
pdnsd pdnsd 1.2.2 -par
pdnsd pdnsd 1.2.3 -par
Solution:
The vendor has released version 1.2.4-par to address this issue.
Please see referenced advisories for more information and fixes.
pdnsd pdnsd 1.1.5
-
pdnsd pdnsd-1.2.4-par.tar.gz
http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
pdnsd pdnsd 1.1.6
-
pdnsd pdnsd-1.2.4-par.tar.gz
http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
pdnsd pdnsd 1.1.7 a
-
pdnsd pdnsd-1.2.4-par.tar.gz
http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
pdnsd pdnsd 1.1.8 b1-par8
-
pdnsd pdnsd-1.2.4-par.tar.gz
http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
pdnsd pdnsd 1.1.8 b1-par6
-
pdnsd pdnsd-1.2.4-par.tar.gz
http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
pdnsd pdnsd 1.1.8 b1-par5
-
pdnsd pdnsd-1.2.4-par.tar.gz
http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
pdnsd pdnsd 1.2.1 -par
-
pdnsd pdnsd-1.2.4-par.tar.gz
http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
pdnsd pdnsd 1.2.2 -par
-
pdnsd pdnsd-1.2.4-par.tar.gz
http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
pdnsd pdnsd 1.2.3 -par
-
pdnsd pdnsd-1.2.4-par.tar.gz
http://www.phys.uu.nl/~rombouts/pdnsd/releases/pdnsd-1.2.4-par.tar.gz
References
Paul A. Rombouts PDNSD Unspecified Buffer Overflow Vulnerability
References:
References:
- pdnsd Home Page (Paul A. Rombouts)