Summary
NSD is prone to an off-by-one buffer-overflow vulnerability because the server fails to perform adequate boundary checks on user-supplied data.
Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the affected server.
Failed exploit attempts will result in a denial-of-service condition.
Versions prior to NSD 3.2.2 are vulnerable.
Solution
The vendor has released fixes. Please see http://www.nlnetlabs.nl/projects/nsd/ for more information.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apple Safari 'Webkit' Multiple Vulnerabilities-01 Mar14 (Mac OS X)
- Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
- Adobe Flash Media Server Video Stream Capture Security Issue
- Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Mac OS X)
- Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)