Title: MaraDNS Denial of Service Vulnerability
Severity: MODERATE
Description:
MaraDNS is secure, authoritative DNS server. It was originally written for Linux and Unix based systems, and has been ported to Microsoft Windows. MaraDNS has been designed to be secure, and includes features such as a buffer overflow resistant string library and the requirement to run as a non privileged user in a chroot environment.
A denial of service vulnerability exists in some versions of MaraDNS. It is possible to affect availability of the server through exploitation of an error in the compression handling for DNS communications. Further details on this vulnerability are not available at this time.
Earlier versions of MaraDNS share this vulnerability.
Affected Products:
- MaraDNS MaraDNS 0.5.28
- MaraDNS MaraDNS 0.5.29
- MaraDNS MaraDNS 0.5.30
- MaraDNS MaraDNS 0.8.99
- MaraDNS MaraDNS 0.9.0.00
References:
- MaraDNS: MaraDNS Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
