FreeBSD : maradns -- denial of service when resolving a long DNS hostname (8015600f-2c80-11e0-9cc1-00163e5bf4f9)
High Nessus Plugin ID 51832
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
MaraDNS developer Sam Trenholme reports:
... a mistake in allocating an array of integers, allocating it in bytes instead of sizeof(int) units. This resulted in a buffer being too small, allowing it to be overwritten. The impact of this programming error is that MaraDNS can be crashed by sending MaraDNS a single 'packet of death'. Since the data placed in the overwritten array can not be remotely controlled (it is a list of increasing integers), there is no way to increase privileges exploiting this bug.
Solution
Update the affected package.
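The allocation mistake described in the quoted report, shown beside a corrected form, as an added example. This is not MaraDNS source code; all function names and the sample size are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Bug pattern from the report: an element count is handed to malloc()
 * as a byte count. Shown for comparison only; nothing writes to it. */
int *alloc_ints_buggy(size_t count)
{
    return malloc(count);               /* count bytes, not count ints */
}

/* Bytes by which storing `count` ints would overrun the buggy buffer. */
size_t overrun_bytes(size_t count)
{
    return count * (sizeof(int) - 1);
}

/* Corrected form: size in sizeof(int) units, with an overflow check. */
int *alloc_ints_fixed(size_t count)
{
    if (count == 0 || count > SIZE_MAX / sizeof(int))
        return NULL;
    return malloc(count * sizeof(int));
}

/* Store increasing integers, never past the real element capacity. */
size_t fill_increasing(int *buf, size_t capacity, size_t wanted)
{
    size_t n = wanted < capacity ? wanted : capacity;
    for (size_t i = 0; i < n; i++)
        buf[i] = (int)i;
    return n;
}

int main(void)
{
    size_t count = 16;                  /* constructed sample size */
    int *list = alloc_ints_fixed(count);
    if (list == NULL)
        return 1;
    size_t written = fill_increasing(list, count, count);
    printf("wrote %zu ints; buggy form would overrun by %zu bytes\n",
           written, overrun_bytes(count));
    free(list);
    return 0;
}
```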