4.3
CVE-2010-2444
- EPSS 1.86%
- Veröffentlicht 25.06.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:20:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before 1.4.03, does not properly handle hostnames that do not end in a "." (dot) character, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted csv2 zone file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.86% | 0.765 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
http://www.openwall.com/lists/oss-security/2010/06/09/4
http://www.openwall.com/lists/oss-security/2010/06/24/5