Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-1086

Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field.

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2009032...
MISC: http://www.nlnetlabs.n...
CONFIRM: http://www.nlnetlabs.n...
DEBIAN: DSA-1795
BID: 34233
SECUNIA: 35013
SUSE: SUSE-SR:2009:010
SECUNIA: 35065

Launchpad.net

CVE 2009-1086

Related bugs

References