CVE-2019-13952

Опубликовано: 18 июл. 2019

Источник: debian

EPSS Низкий

Описание

The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gdnsd	fixed	3.5.0-1		package
gdnsd	fixed	2.4.3-1	buster	package

Примечания

https://github.com/gdnsd/gdnsd/issues/185
No security impact, data is under administrative control
Patches: https://github.com/gdnsd/gdnsd/issues/185#issuecomment-513288786

EPSS

Процентиль: 60%

0.00403

Низкий

Связанные уязвимости

CVE-2019-13952

CVSS3: 9.8

ubuntu

больше 6 лет назад

The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.

CVE-2019-13952

CVSS3: 9.8

nvd

больше 6 лет назад

The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.

GHSA-mvpw-pvf4-394c

CVSS3: 9.8

github

больше 3 лет назад

The set_ipv6() function in zscan_rfc1035.rl in gdnsd 3.2.0 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.

EPSS

Процентиль: 60%

0.00403

Низкий