Vulnerabilities > Maradns > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-03-28 | CVE-2012-1570 | Unspecified vulnerability in Maradns The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. network maradns | 4.3 |
| 2012-01-08 | CVE-2011-5055 | Improper Input Validation vulnerability in Maradns 1.3.07.012/1.4.08 MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without properly restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted queries with the Recursion Desired (RD) bit set. | 5.0 |
| 2010-06-25 | CVE-2010-2444 | Denial-Of-Service vulnerability in MaraDNS parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before 1.4.03, does not properly handle hostnames that do not end in a "." (dot) character, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted csv2 zone file. network maradns | 4.3 |
| 2008-01-03 | CVE-2008-0061 | Remote Denial of Service vulnerability in MaraDNS Malformed Packet MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04 allows remote attackers to cause a denial of service via a crafted DNS packet that prevents an authoritative name (CNAME) record from resolving, aka "improper rotation of resource records." | 5.0 |
| 2007-06-07 | CVE-2007-3116 | Resource Management Errors vulnerability in Maradns 1.2.12.06/1.3.05 Memory leak in server/MaraDNS.c in MaraDNS 1.2.12.06 and 1.3.05 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3114 and CVE-2007-3115. | 5.0 |
| 2007-06-07 | CVE-2007-3114 | Resource Management Errors vulnerability in Maradns Memory leak in server/MaraDNS.c in MaraDNS before 1.2.12.05, and 1.3.x before 1.3.03, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, a different set of affected versions than CVE-2007-3115 and CVE-2007-3116. | 5.0 |
| 2004-12-31 | CVE-2004-0789 | Denial Of Service vulnerability in Multiple Vendor DNS Response Flooding Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. | 5.0 |
| 2002-12-31 | CVE-2002-2097 | Denial of Service vulnerability in MaraDNS The compression code in MaraDNS before 0.9.01 allows remote attackers to cause a denial of service via crafted DNS packets. | 5.0 |