Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 352569 (CVE-2011-0520) - <net-dns/maradns-1.4.06: heap-based buffer overflow (CVE-2011-0520)
Summary: <net-dns/maradns-1.4.06: heap-based buffer overflow (CVE-2011-0520)
Alias: CVE-2011-0520
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
Whiteboard: B1 [glsa]
Depends on:
Reported: 2011-01-24 07:13 UTC by Paweł Hajdan, Jr. (RETIRED)
Modified: 2011-11-20 18:16 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-01-24 07:13:46 UTC
A crash bug has been reported against MaraDNS 1.4.03 when long queries are 
sent to the resolver. Details can be found at:

As of the time of writing, the reporter is testing other versions and at least 
1.4.05 also seems to be affected.
Comment 1 MATSUU Takuto (RETIRED) gentoo-dev 2011-01-24 13:24:41 UTC
1.4.05 in cvs.
Comment 2 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-01-24 14:43:41 UTC
(In reply to comment #0)
> As of the time of writing, the reporter is testing other versions and at least 
> 1.4.05 also seems to be affected.

(In reply to comment #1)
> 1.4.05 in cvs.

Thank you. However, it doesn't seem to fix the vulnerability, based on the above info and upstream's changelog.
Comment 3 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-01-25 07:08:16 UTC
According to maradns-1.4.05 is affected. Moreover, the issue is rated as "highly critical" by Secunia, and it may lead to arbitrary code execution.
Comment 4 MATSUU Takuto (RETIRED) gentoo-dev 2011-01-25 07:36:30 UTC
its my mistake.

maradns-2.0.01 is also affected.
Comment 5 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-01-30 12:17:31 UTC
1.4.06 has been released (, please bump the ebuild.
Comment 6 MATSUU Takuto (RETIRED) gentoo-dev 2011-01-30 14:34:54 UTC
1.4.06 in cvs.
removed 2.0.01 and p.mask.
please mark stable =net-dns/maradns-1.4.06
Comment 7 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-01-30 15:03:13 UTC
Thank you. Arches, please test and stabilize =net-dns/maradns-1.4.06
Comment 8 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-01-30 16:35:08 UTC
ppc stable
Comment 9 Christian Faulhammer (RETIRED) gentoo-dev 2011-01-30 17:41:33 UTC
x86 stable
Comment 10 Agostino Sarubbo gentoo-dev 2011-01-31 12:05:55 UTC
amd64 ok
Comment 11 Markos Chandras (RETIRED) gentoo-dev 2011-02-10 22:19:24 UTC
amd64 done. Thanks Agostino
Comment 12 Raúl Porcel (RETIRED) gentoo-dev 2011-02-12 17:54:10 UTC
sparc stable
Comment 13 Tim Sammut (RETIRED) gentoo-dev 2011-02-12 18:16:56 UTC
Thanks, everyone. GLSA request filed.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2011-06-24 00:30:43 UTC
CVE-2011-0520 (
  The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03,
  1.4.05, and probably other versions allows remote attackers to cause a
  denial of service (segmentation fault) and possibly execute arbitrary code
  via a long DNS hostname with a large number of labels, which triggers a
  heap-based buffer overflow.
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2011-11-20 18:16:45 UTC
This issue was resolved and addressed in
 GLSA 201111-06 at
by GLSA coordinator Alex Legler (a3li).