oss-sec mailing list archives

CVE request: heap-based buffer overflow in ldns

From: Vincent Danen <vdanen () redhat com>
Date: Sat, 24 Sep 2011 08:08:19 -0600

Could a CVE be assigned to this flaw?  A boundary error in
ldns_rr_new_frm_str_internal() could lead to a heap-based buffer overfow
when processing RR records.

http://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=403
https://secunia.com/advisories/46153/
https://bugzilla.redhat.com/show_bug.cgi?id=741024

Thanks.

--

Vincent Danen / Red Hat Security Response Team

Current thread:

CVE request: heap-based buffer overflow in ldns Vincent Danen (Sep 24)
- Re: CVE request: heap-based buffer overflow in ldns Josh Bressers (Sep 30)