MaraDNS: Arbitrary code execution
Gentoo Linux Security Advisory
||GLSA 201111-06 / MaraDNS
||November 20, 2011
||November 20, 2011: 1
All supported architectures
A buffer overflow vulnerability in MaraDNS allows remote attackers
to execute arbitrary code or cause a Denial of Service.
MaraDNS is a proxy DNS server with permanent caching.
A long DNS hostname with a large number of labels could trigger a buffer
overflow in the compress_add_dlabel_points() function of dns/Compress.c.
A remote unauthenticated attacker could execute arbitrary code or cause
a Denial of Service.
There is no known workaround at this time.
All MaraDNS users should upgrade to the latest stable version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/maradns-1.4.06"
NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since February 12, 2011. It is likely that your system is
already no longer affected by this issue.