MaraDNS Hash Collision Denial Of Service Vulnerability
BID:51225
Info
MaraDNS Hash Collision Denial Of Service Vulnerability
| Bugtraq ID: | 51225 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2012-0024 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 02 2012 12:00AM |
| Updated: | Feb 27 2012 05:30PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
MaraDNS MaraDNS 1.4.6 MaraDNS MaraDNS 1.4.5 MaraDNS MaraDNS 1.3.7 .04 MaraDNS MaraDNS 1.3.5 MaraDNS MaraDNS 1.3.4 MaraDNS MaraDNS 1.4.03 MaraDNS MaraDNS 1.3.07.11 MaraDNS MaraDNS 1.3.07.10 Gentoo Linux |
| Not Vulnerable: |
MaraDNS MaraDNS 1.4.9 MaraDNS MaraDNS 1.3.07.13 |
Discussion
MaraDNS Hash Collision Denial Of Service Vulnerability
MaraDNS is prone to a denial-of-service vulnerability.
Successful exploits may allow the attacker to cause the application to crash, resulting in denial-of-service conditions.
Versions prior to MaraDNS 1.3.07.13 and 1.4.09 are vulnerable.
MaraDNS is prone to a denial-of-service vulnerability.
Successful exploits may allow the attacker to cause the application to crash, resulting in denial-of-service conditions.
Versions prior to MaraDNS 1.3.07.13 and 1.4.09 are vulnerable.
Exploit / POC
MaraDNS Hash Collision Denial Of Service Vulnerability
An attacker can use readily available tools to exploit this issue.
An attacker can use readily available tools to exploit this issue.
Solution / Fix
MaraDNS Hash Collision Denial Of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
MaraDNS Hash Collision Denial Of Service Vulnerability
References:
References:
- MaraDNS 1 Update (MaraDNS)
- MaraDNS changelog (MaraDNS)
- MaraDNS Homepage (MaraDNS)