CVE Vulnerabilities

CVE-2008-3910

Published: Sep 04, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

dns2tcp before 0.4.1 does not properly handle negative values in a certain length field in the input argument to the (1) dns_simple_decode or (2) dns_decode function, which allows remote attackers to overwrite a buffer and have unspecified other impact.

Affected Software

Name Vendor Start Version End Version
Dns2tcp Hsc * 0.4
Dns2tcp Ubuntu hardy *
Dns2tcp Ubuntu upstream *

References