CVE-2011-3581
Published: 4 November 2011
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length.
Priority
Status
Package | Release | Status |
---|---|---|
ldns Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Not vulnerable
(1.6.11-1)
|
|
quantal |
Not vulnerable
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Not vulnerable
|
|
trusty |
Does not exist
(trusty was not-affected)
|
|
upstream |
Released
(1.6.11)
|