Vulnerability Details : CVE-2010-2444
parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before 1.4.03, does not properly handle hostnames that do not end in a "." (dot) character, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted csv2 zone file.
Vulnerability category: Memory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-2444
Probability of exploitation activity in the next 30 days: 0.22%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 60 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-2444
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
References for CVE-2010-2444
-
http://www.openwall.com/lists/oss-security/2010/06/09/4
oss-security - CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvircPatch
-
http://maradns.org/download/maradns-1.4.02-parse_segfault.patch
MaraDNS - a small open-source DNS serverPatch
-
http://www.openwall.com/lists/oss-security/2010/06/24/5
oss-security - Re: CVE requests: maradns, freeciv, rbot, gitolite, gource, shib, kvirc
Products affected by CVE-2010-2444
- cpe:2.3:a:maradns:maradns:1.3.04:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.03:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.05:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.06:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.07.03:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.07.01:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.07.02:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.07.09:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.4.01:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.4.02:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.07.06:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.09:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.12:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.07.04:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.08:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.14:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.07.08:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.07.05:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.13:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.3.07.07:*:*:*:*:*:*:*