MaraDNS Information for VU#264212

Recursive DNS resolver implementations may follow referrals infinitely

Status

Affected

Vendor Statement

"I have released MaraDNS 2.0.10, MaraDNS 1.4.15, and Deadwood 3.2.06
which are patched against this possible vulnerability.

Downloads are available at http://maradns.samiam.org/download/ and
https://github.com/samboy/MaraDNS
".

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://maradns.samiam.org/download/

https://github.com/samboy/MaraDNS
https://github.com/samboy/MaraDNS/commit/1f694df9fb972d59d77167fff9bbdd095dc5d1b4
https://github.com/samboy/MaraDNS/commit/c5c49306ed1f2627774dae27313a2b58d9a9ac6d

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.