Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834 http://www.vuxml.org/freebsd/8015600f-2c80-11e0-9cc1-00163e5bf4f9.html
Insight
The following package is affected: maradns
CVE-2011-0520
The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a heap-based buffer overflow.
Severity
Classification
-
CVE CVE-2011-0520 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities