oss-sec mailing list archives

Re: CVE id request: nsd

From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 21 May 2009 20:23:37 -0400 (EDT)


======================================================
Name: CVE-2009-1755
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1755
Reference: MLIST:[oss-security] 20090519 CVE id request: nsd
Reference: URL:http://www.openwall.com/lists/oss-security/2009/05/19/1
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529418
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529420
Reference: CONFIRM:http://www.nlnetlabs.nl/publications/NSD_vulnerability_announcement.html

Off-by-one error in packet.c in nsd 3.2.1 and 2.3.7 allows remote
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via unspecified vectors that trigger a buffer overflow.

Current thread:

CVE id request: nsd Nico Golde (May 19)
- Re: CVE id request: nsd Steven M. Christey (May 21)