CVE-2019-13951

Опубликовано: 18 июл. 2019

Источник: debian

Описание

The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gdnsd	not-affected			package

Примечания

https://github.com/gdnsd/gdnsd/issues/185
No security impact, data is under administrative control
Introduced in https://github.com/gdnsd/gdnsd/commit/15715fc30d5e41e53d4a16d2434fc5c3190e129b
Patches: https://github.com/gdnsd/gdnsd/issues/185#issuecomment-513288786

Связанные уязвимости

CVE-2019-13951

CVSS3: 9.8

ubuntu

больше 6 лет назад

The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data.

CVE-2019-13951

CVSS3: 9.8

nvd

больше 6 лет назад

The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data.

GHSA-r4ww-6726-pj2x

CVSS3: 9.8

github

больше 3 лет назад

The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.2.0 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data.