Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to execute arbitrary code via a large number of large DNS packets with the Z and QR flags cleared.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Dnrd | Dnrd | 1.0 (including) | 1.0 (including) |
| Dnrd | Dnrd | 1.1 (including) | 1.1 (including) |
| Dnrd | Dnrd | 1.2 (including) | 1.2 (including) |
| Dnrd | Dnrd | 1.3 (including) | 1.3 (including) |
| Dnrd | Dnrd | 1.4 (including) | 1.4 (including) |
| Dnrd | Dnrd | 2.0 (including) | 2.0 (including) |
| Dnrd | Dnrd | 2.1 (including) | 2.1 (including) |
| Dnrd | Dnrd | 2.2 (including) | 2.2 (including) |
| Dnrd | Dnrd | 2.3 (including) | 2.3 (including) |
| Dnrd | Dnrd | 2.4 (including) | 2.4 (including) |
| Dnrd | Dnrd | 2.5 (including) | 2.5 (including) |
| Dnrd | Dnrd | 2.6 (including) | 2.6 (including) |
| Dnrd | Dnrd | 2.7 (including) | 2.7 (including) |
| Dnrd | Dnrd | 2.8 (including) | 2.8 (including) |
| Dnrd | Dnrd | 2.9 (including) | 2.9 (including) |
| Dnrd | Dnrd | 2.10 (including) | 2.10 (including) |
References
- http://secunia.com/advisories/16142
- http://securitytracker.com/id?1014557
- http://sourceforge.net/forum/forum.php?forum_id=482568
- http://www.FreeBSD.org/ports/portaudit/e72fd82b-fa01-11d9-bc08-0001020eed82.html
- http://secunia.com/advisories/16142
- http://securitytracker.com/id?1014557
- http://sourceforge.net/forum/forum.php?forum_id=482568
- http://www.FreeBSD.org/ports/portaudit/e72fd82b-fa01-11d9-bc08-0001020eed82.html