Vulnerability Note VU#710316
NSD vulnerable to one-byte overflow
A vulnerability exists in the way NSD processes certain types of packets that may lead to a one-byte buffer overflow.
Name server daemon (NSD) is an open source name server developed by NLnet Labs. NSD contains an off-by-one error that can cause a one-byte buffer overflow when certain packets are processed. The vulnerability exits in the packet_read_query_section() function in packet.c in versions 3.x and in the process_query_section() function in query.c in versions 2.x.
Note that this issue affects NSD versions 2.0.0 through 3.2.1.
A remote, unauthenticated attacker may be able to cause the DNS software to crash resulting in a denial-of-service condition.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Debian GNU/Linux||Affected||19 May 2009||20 May 2009|
|Apple Computer, Inc.||Not Affected||19 May 2009||20 May 2009|
|Computer Associates||Not Affected||19 May 2009||22 May 2009|
|Computer Associates eTrust Security Management||Not Affected||19 May 2009||22 May 2009|
|Cray Inc.||Not Affected||19 May 2009||20 May 2009|
|Ericsson||Not Affected||19 May 2009||20 May 2009|
|Extreme Networks||Not Affected||19 May 2009||22 May 2009|
|Gentoo Linux||Not Affected||19 May 2009||22 May 2009|
|PePLink||Not Affected||19 May 2009||20 May 2009|
|Q1 Labs||Not Affected||19 May 2009||01 Jun 2009|
|Red Hat, Inc.||Not Affected||19 May 2009||20 May 2009|
|SafeNet||Not Affected||19 May 2009||22 May 2009|
|Sun Microsystems, Inc.||Not Affected||19 May 2009||20 May 2009|
|The SCO Group||Not Affected||19 May 2009||20 May 2009|
|3com, Inc.||Unknown||19 May 2009||19 May 2009|
CVSS Metrics (Learn More)
This issue was reported in NLnet Labs NSD Announcement.
This document was written by Chris Taschner.
- CVE IDs: Unknown
- Date Public: 18 May 2009
- Date First Published: 20 May 2009
- Date Last Updated: 01 Jun 2009
- Severity Metric: 8.40
- Document Revision: 10
If you have feedback, comments, or additional information about this vulnerability, please send us email.