PT-2012-2035 · Maradns · Maradns

Published

2012-01-08

Updated

2020-08-14

CVE-2011-5056

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions MaraDNS versions through 2.0.04

Description The issue allows local users to cause a denial of service, specifically CPU consumption, by crafting records in zone files that trigger hash collisions predictably. This is due to the lack of restriction on computing hash values for DNS data.

Recommendations For MaraDNS versions through 2.0.04, consider updating to a version that addresses this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2011-5056

Affected Products

Maradns

PT-2012-2035 · Maradns · Maradns

CVE-2011-5056

Weakness Enumeration

Related Identifiers

Affected Products

References · 4