Debian Security Advisory
DSA-2196-1 maradns -- buffer overflow
- Date Reported:
- 19 Mar 2011
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 610834.
In Mitre's CVE dictionary: CVE-2011-0520.
- More information:
Witold Baryluk discovered that MaraDNS, a simple security-focused Domain Name System server, may overflow an internal buffer when handling requests with a large number of labels, causing a server crash and the consequent denial of service.
For the oldstable distribution (lenny), this problem has been fixed in version 1.3.07.09-2.1.
For the stable distribution (squeeze) and greater this problem had already been fixed in version 1.4.03-1.1.
We recommend that you upgrade your maradns packages.