Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 397431 (CVE-2012-0024)

Summary: <net-dns/maradns-1.4.09: Hash collision DoS (CVE-2011-5055,CVE-2012-0024)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: matsuu
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://secunia.com/advisories/47425/
Whiteboard: B3 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 396397    

Description Agostino Sarubbo gentoo-dev 2012-01-02 18:23:47 UTC 
From secunia security advisory at $URL:

Description:
The vulnerability is caused due to an error within a hash generation function and can be exploited to cause a hash collision resulting in high CPU consumption.

The vulnerability is reported in versions prior to 1.4.09.

Solution:
Update to version 1.4.09.
Comment 1 MATSUU Takuto (RETIRED) gentoo-dev 2012-01-05 13:30:10 UTC 
1.4.09 in cvs.
please mark stable =net-dns/maradns-1.4.09.
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2012-01-05 14:35:13 UTC 
Great, thank you.

Arches, please test and mark stable:
=net-dns/maradns-1.4.09
Target keywords : "amd64 ppc sparc x86"
Comment 3 Agostino Sarubbo gentoo-dev 2012-01-06 15:09:53 UTC 
amd64 stable
Comment 4 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-01-08 19:51:33 UTC 
x86 stable
Comment 5 Raúl Porcel (RETIRED) gentoo-dev 2012-01-14 18:31:23 UTC 
sparc keywords dropped
Comment 6 Brent Baude (RETIRED) gentoo-dev 2012-02-01 17:15:54 UTC 
ppc done; closing as last arch
Comment 7 Agostino Sarubbo gentoo-dev 2012-02-01 17:19:52 UTC 
@security, please vote
Comment 8 Tim Sammut (RETIRED) gentoo-dev 2012-02-02 02:40:05 UTC 
Thanks, folks. GLSA Vote: yes.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2012-02-20 05:34:30 UTC 
CVE-2012-0024 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0024):
  MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for
  DNS data without restricting the ability to trigger hash collisions
  predictably, which allows remote attackers to cause a denial of service (CPU
  consumption) by sending many crafted queries with the Recursion Desired (RD)
  bit set.
Comment 10 Sean Amoss (RETIRED) gentoo-dev Security 2012-02-20 21:36:38 UTC 
Vote: yes. Request filed.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2012-02-22 20:49:35 UTC 
This issue was resolved and addressed in
 GLSA 201202-03 at http://security.gentoo.org/glsa/glsa-201202-03.xml
by GLSA coordinator Sean Amoss (ackle).
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2012-02-26 19:24:22 UTC 
CVE-2011-5055 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5055):
  MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without
  properly restricting the ability to trigger hash collisions predictably,
  which allows remote attackers to cause a denial of service (CPU consumption)
  by sending many crafted queries with the Recursion Desired (RD) bit set. 
  NOTE: this issue exists because of an incomplete fix for CVE-2012-0024.
Comment 13 Tim Sammut (RETIRED) gentoo-dev 2012-02-26 19:28:36 UTC 
(In reply to comment #12)
> CVE-2011-5055 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5055):
>   MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without
>   properly restricting the ability to trigger hash collisions predictably,
>   which allows remote attackers to cause a denial of service (CPU consumption)
>   by sending many crafted queries with the Recursion Desired (RD) bit set. 
>   NOTE: this issue exists because of an incomplete fix for CVE-2012-0024.

CVE-2011-5055 was because of an incomplete fix for CVE-2012-0024; both were fixed in this bug.