CVE-2019-13952

gdnsd/gdnsd

on github

Published

July 18, 2019

Severity

CVSS v3:

9.8 CRITICAL

CVSS v2:

7.5 HIGH

Description

The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.

References

https://github.com/gdnsd/gdnsd/issues/185

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:gdnsd:gdnsd::::::::	n/a	2.4.3	*
cpe:2.3:a:gdnsd:gdnsd::::::::	3.0.0 (including)	3.2.1	*

External Links

NVD - CVE-2019-13952