Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 397431 (CVE-2012-0024) - <net-dns/maradns-1.4.09: Hash collision DoS (CVE-2011-5055,CVE-2012-0024)
Summary: <net-dns/maradns-1.4.09: Hash collision DoS (CVE-2011-5055,CVE-2012-0024)
Status: RESOLVED FIXED
Alias: CVE-2012-0024
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://secunia.com/advisories/47425/
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks: hashDoS
  Show dependency tree
 
Reported: 2012-01-02 18:23 UTC by Agostino Sarubbo
Modified: 2012-02-26 19:28 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2012-01-02 18:23:47 UTC 
From secunia security advisory at $URL:

Description:
The vulnerability is caused due to an error within a hash generation function and can be exploited to cause a hash collision resulting in high CPU consumption.

The vulnerability is reported in versions prior to 1.4.09.

Solution:
Update to version 1.4.09.
Comment 1 MATSUU Takuto (RETIRED) gentoo-dev 2012-01-05 13:30:10 UTC 
1.4.09 in cvs.
please mark stable =net-dns/maradns-1.4.09.
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2012-01-05 14:35:13 UTC 
Great, thank you.

Arches, please test and mark stable:
=net-dns/maradns-1.4.09
Target keywords : "amd64 ppc sparc x86"
Comment 3 Agostino Sarubbo gentoo-dev 2012-01-06 15:09:53 UTC 
amd64 stable
Comment 4 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-01-08 19:51:33 UTC 
x86 stable
Comment 5 Raúl Porcel (RETIRED) gentoo-dev 2012-01-14 18:31:23 UTC 
sparc keywords dropped
Comment 6 Brent Baude (RETIRED) gentoo-dev 2012-02-01 17:15:54 UTC 
ppc done; closing as last arch
Comment 7 Agostino Sarubbo gentoo-dev 2012-02-01 17:19:52 UTC 
@security, please vote
Comment 8 Tim Sammut (RETIRED) gentoo-dev 2012-02-02 02:40:05 UTC 
Thanks, folks. GLSA Vote: yes.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2012-02-20 05:34:30 UTC 
CVE-2012-0024 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0024):
  MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for
  DNS data without restricting the ability to trigger hash collisions
  predictably, which allows remote attackers to cause a denial of service (CPU
  consumption) by sending many crafted queries with the Recursion Desired (RD)
  bit set.
Comment 10 Sean Amoss (RETIRED) gentoo-dev Security 2012-02-20 21:36:38 UTC 
Vote: yes. Request filed.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2012-02-22 20:49:35 UTC 
This issue was resolved and addressed in
 GLSA 201202-03 at http://security.gentoo.org/glsa/glsa-201202-03.xml
by GLSA coordinator Sean Amoss (ackle).
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2012-02-26 19:24:22 UTC 
CVE-2011-5055 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5055):
  MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without
  properly restricting the ability to trigger hash collisions predictably,
  which allows remote attackers to cause a denial of service (CPU consumption)
  by sending many crafted queries with the Recursion Desired (RD) bit set. 
  NOTE: this issue exists because of an incomplete fix for CVE-2012-0024.
Comment 13 Tim Sammut (RETIRED) gentoo-dev 2012-02-26 19:28:36 UTC 
(In reply to comment #12)
> CVE-2011-5055 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5055):
>   MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without
>   properly restricting the ability to trigger hash collisions predictably,
>   which allows remote attackers to cause a denial of service (CPU consumption)
>   by sending many crafted queries with the Recursion Desired (RD) bit set. 
>   NOTE: this issue exists because of an incomplete fix for CVE-2012-0024.

CVE-2011-5055 was because of an incomplete fix for CVE-2012-0024; both were fixed in this bug.