oss-sec mailing list archives
Re: Remote crash in MaraDNS 2.0.13 and git master
From: <cve-assign () mitre org>
Date: Mon, 14 Nov 2016 13:36:58 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
remote crash bug in MaraDNS 2.0.13 js_readuint16
Use CVE-2016-9300.
remote crash bug in MaraDNS 2.0.13 js_substr
Use CVE-2016-9301.
remote crash bug in MaraDNS 2.0.13 process_query -> this in fact looks like stack smashing, since it crashes on htons in an unrelated place
Use CVE-2016-9302. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYKgMsAAoJEHb/MwWLVhi21GoP/3HGz6OGmr6WDKg+2+IUaD8h Rwgsw78MVxqrnq/gXwg0or2yYXXHxKyR12LlDmWADnqi7WtW7mM+4r3WSGb71Vqk jfCptES4/UqpCKdEV4+HQ5nVKFRhQo1zpEam+kHbS5OiB93GlhS3UByyaSyeRsnf ZnfdVl61NjCJHerb8lBEtYf0e5rA1SvspwfIiior6o9967X9Yrs9e2S0EidCl7dq WFwh1lXZCMgGw38WzeblKgm000ScDplTgAmu6yWMIoRgZeAIdy1605/iSoBPJfgD NS0wecALHmUqhYYeouBS/1l2FDg7pIpWWAo5s7fkiajxF8hvbUR1tTd2v1hOY8Xc +w4Hiao2j4BXd9ZoKCUGumV3d0eSksNx52ZgzN8oJxa+mX74iDG6abbTYSfzlAWG lmRFi94/0oeufIqD1aMaZ5jrMoWjjyPoum2L2Y31tUiJdFUktKJ9/6dW02wydNme UjZjkIwjL44DCz4WLfXqV/rIMyx/ZztVgneAAqUFn1ssHf51HyzQPSpgbRLgj9Gc ohRUn34JyZGbACYXm63pMjA01Z6FOCjlE+/kgGoNe56u+1i9UFPdaQs0OY4g9POF DXl6kHqYNxqxASk1Ms70epXt4b/pBHdGXzqFF5QmPPW5xXiubCswn13hZhM/lZRF tTzTS1vprIT3fYUXhjZn =B4JU -----END PGP SIGNATURE-----
Current thread:
- Remote crash in MaraDNS 2.0.13 and git master Ondřej Surý (Nov 12)
- Re: Remote crash in MaraDNS 2.0.13 and git master Ondřej Surý (Nov 14)
- Re: Remote crash in MaraDNS 2.0.13 and git master Ondřej Surý (Nov 14)
- Re: Remote crash in MaraDNS 2.0.13 and git master cve-assign (Nov 14)
- Re: Re: Remote crash in MaraDNS 2.0.13 and git master Salvatore Bonaccorso (Dec 05)
- Re: Remote crash in MaraDNS 2.0.13 and git master Ondřej Surý (Nov 14)