{"vuid":"VU#710316","idnumber":"710316","name":"NSD vulnerable to one-byte overflow","keywords":["NSD","QNAME","buffer overflow","one-byte","packet_reqd_query_section","packet.c"],"overview":"A vulnerability exists in the way NSD processes certain types of packets that may lead to a one-byte buffer overflow.","clean_desc":"Name server daemon (NSD) is an open source name server developed by NLnet Labs. NSD contains an off-by-one error that can cause a one-byte buffer overflow when certain packets are processed. The vulnerability exits in the packet_read_query_section() function in packet.c in versions 3.x and in the process_query_section() function in query.c in versions 2.x. Note that this issue affects NSD versions 2.0.0 through 3.2.1.","impact":"A remote, unauthenticated attacker may be able to cause the DNS software to crash resulting in a denial-of-service condition.","resolution":"Apply patch NLnet Labs has released NSD version 3.2.2 and patches for versions 3.2.1 and 2.3.7. More information and links to these patches can be found in NLnet Labs NSD Announcement. Users are encouraged to check with their vendor to determine the appropriate patch or update to apply.","workarounds":"","sysaffected":"","thanks":"This issue was reported in NLnet Labs \nNSD Announcement","author":"This document was written by Chris Taschner.","public":["h","t","t","p",":","/","/","w","w","w",".","n","l","n","e","t","l","a","b","s",".","n","l","/","p","u","b","l","i","c","a","t","i","o","n","s","/","N","S","D","_","v","u","l","n","e","r","a","b","i","l","i","t","y","_","a","n","n","o","u","n","c","e","m","e","n","t",".","h","t","m","l"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2009-05-18T14:47:41Z","publicdate":"2009-05-18T00:00:00Z","datefirstpublished":"2009-05-20T13:22:19Z","dateupdated":"2009-06-01T19:41:56Z","revision":10,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"20","cam_population":"4","cam_impact":"8","cam_easeofexploitation":"20","cam_attackeraccessrequired":"20","cam_scorecurrent":"8.4","cam_scorecurrentwidelyknown":"9.6","cam_scorecurrentwidelyknownexploited":"14.4","ipprotocol":"","cvss_accessvector":"--","cvss_accesscomplexity":"--","cvss_authentication":null,"cvss_confidentialityimpact":"--","cvss_integrityimpact":"--","cvss_availabilityimpact":"--","cvss_exploitablity":null,"cvss_remediationlevel":"Not Defined (ND)","cvss_reportconfidence":"Not Defined (ND)","cvss_collateraldamagepotential":"Not Defined (ND)","cvss_targetdistribution":"Not Defined (ND)","cvss_securityrequirementscr":"Not Defined (ND)","cvss_securityrequirementsir":"Not Defined (ND)","cvss_securityrequirementsar":"Not Defined (ND)","cvss_basescore":"0","cvss_basevector":"AV:--/AC:--/Au:--/C:--/I:--/A:--","cvss_temporalscore":"0","cvss_environmentalscore":"0","cvss_environmentalvector":"CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)","metric":8.4,"vulnote":null}