MaraDNS < 1.0.41 / 1.2.x < 1.2.12.08 / 1.3.x < 1.3.07.04 CNAME Record Resource Rotation Remote DoS

medium Nessus Plugin ID 73478

Synopsis

The DNS server running on the remote host is affected by a denial of service vulnerability.

Description

According to its self-reported version number, the MaraDNS server running on the remote host is affected by an issue during resource record rotation. This issue could allow a remote attacker to send a specially crafted packet, which will prevent an authoritative CNAME record from resolving, resulting in a denial of service.

Note that if the line 'max_ar_chain = 2' is in the configuration file, the host is not affected.

Solution

Upgrade to MaraDNS version 1.0.41 / 1.2.12.08 / 1.3.07.04 or later or refer to the vendor for a workaround.

See Also

http://maradns.blogspot.com/2007/08/maradns-update-all-versions.html

http://maradns.samiam.org/security.html

Plugin Details

Severity: Medium

ID: 73478

File Name: maradns_1_3_07_04.nasl

Version: 1.3

Type: remote

Family: DNS

Published: 4/11/2014

Updated: 7/14/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:maradns:maradns

Required KB Items: Settings/ParanoidReport, maradns/version, maradns/num_ver

Exploit Ease: No known exploits are available

Patch Publication Date: 8/29/2007

Vulnerability Publication Date: 8/29/2007

Reference Information

CVE: CVE-2008-0061

BID: 27124