Reply

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

dnrd

exploit available

NVD

Published: 2002-03-25

Updated: 2008-09-11

Summary

Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions.

Vulnerable Configurations

Part	Description	Count
Application	Dnrd Dnrd Dnrd 1.0 Dnrd Dnrd 1.1 Dnrd Dnrd 1.2 Dnrd Dnrd 1.3 Dnrd Dnrd 1.4 Dnrd Dnrd 2.0 Dnrd Dnrd 2.1 Dnrd Dnrd 2.2 Dnrd Dnrd 2.3 Dnrd Dnrd 2.4 Dnrd Dnrd 2.5 Dnrd Dnrd 2.6 Dnrd Dnrd 2.7 Dnrd Dnrd 2.8 Dnrd Dnrd 2.9 Dnrd Dnrd 2.10	16

Exploit-Db

description	DNRD 1.x/2.x DNS Request/Reply Denial Of Service Vulnerability. CVE-2002-0140. Dos exploit for unix platform
id	EDB-ID:21236
last seen	2016-02-02
modified	2002-01-20
published	2002-01-20
reporter	Andrew Griffiths
source	https://www.exploit-db.com/download/21236/
title	DNRD 1.x/2.x DNS Request/Reply Denial of Service Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References