NSD packet.c Off-By-One Buffer Overflow

Medium Nessus Network Monitor Plugin ID 5040

Synopsis

The remote DNS server is vulnerable to a remote buffer overflow attack.

Description

The remote host is running a version of NSD DNS Server which has a stack buffer overflow vulnerability. A remote attacker could overwrite one byte in memory, leading to a denial of service. It is possible, but unlikely, that this vulnerability could result in remote code execution.

Solution

Upgrade to NSD version 3.2.2 or later, or apply the patch referenced in the vendor's advisory.

See Also

http://www.nlnetlabs.nl/publications/NSD_vulnerability_announcement.html

Plugin Details

Severity: Medium

ID: 5040

Family: DNS Servers

Published: 2004/08/18

Updated: 2019/03/06

Nessus ID: 38850

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSS v3.0

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Reference Information

BID: 35029