CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data. | 7.5 |
High |
||
query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet. | 5 |
|||
Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer overflow. | 5 |