FKIE_CVE-2011-3581

Vulnerability from fkie_nvd - Published: 2011-11-04 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length.
References
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-October/068091.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-October/068201.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-October/068239.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2011-10/msg00008.html
secalert@redhat.comhttp://nlnetlabs.nl/svn/ldns/tags/release-1.6.11/Changelog
secalert@redhat.comhttp://seclists.org/oss-sec/2011/q3/503
secalert@redhat.comhttp://seclists.org/oss-sec/2011/q3/542
secalert@redhat.comhttp://secunia.com/advisories/46470Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/46476Vendor Advisory
secalert@redhat.comhttp://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=403
secalert@redhat.comhttp://www.securityfocus.com/bid/49748
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068091.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068201.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068239.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00008.html
af854a3a-2127-422b-91ae-364da2661108http://nlnetlabs.nl/svn/ldns/tags/release-1.6.11/Changelog
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/oss-sec/2011/q3/503
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/oss-sec/2011/q3/542
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46470Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46476Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=403
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/49748
Impacted products
Vendor Product Version
nlnetlabs ldns *
nlnetlabs ldns 0.50
nlnetlabs ldns 0.60
nlnetlabs ldns 0.65
nlnetlabs ldns 0.66
nlnetlabs ldns 0.70
nlnetlabs ldns 1.0.0
nlnetlabs ldns 1.1.0
nlnetlabs ldns 1.2.0
nlnetlabs ldns 1.2.1
nlnetlabs ldns 1.2.2
nlnetlabs ldns 1.3
nlnetlabs ldns 1.4.0
nlnetlabs ldns 1.4.1
nlnetlabs ldns 1.5.0
nlnetlabs ldns 1.5.1
nlnetlabs ldns 1.6.0
nlnetlabs ldns 1.6.1
nlnetlabs ldns 1.6.2
nlnetlabs ldns 1.6.3
nlnetlabs ldns 1.6.4
nlnetlabs ldns 1.6.5
nlnetlabs ldns 1.6.6
nlnetlabs ldns 1.6.7
nlnetlabs ldns 1.6.8
nlnetlabs ldns 1.6.9
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAAE9A5-856A-4700-BDDF-068341148A24",
              "versionEndIncluding": "1.6.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:0.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "8833B0F4-9810-4AB6-A15A-C5DB4E2A8CDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:0.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "B738328F-A547-4EC2-B16E-4387A60068F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:0.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "112848BE-2A97-4501-AE12-A3335C0D8E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:0.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF2715C8-63C4-43A5-AB38-3C682D5B36F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:0.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D332B67-C682-4805-A027-4EE3D863E143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07AB479-B917-4E35-923E-26BA6892B638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0834861-0A50-4D6C-B3AE-4317125A12A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C3C72D3-C619-4CD6-A262-B3A6D548755C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "911F986F-F9F2-45F4-B2C1-7ECF8374DD9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "77FD9D1D-AF2B-4D5E-8C0F-FCB246F67CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2EAB456-1640-4E2E-9CFF-D5621AE838ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7036E2A8-39EB-45D1-B0A5-80C35F737281",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B747B09-4C10-4F06-9E75-08C220ABED84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B3045A3-7790-465A-A2E1-4DD50887E1B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "442A3169-330A-4357-BA54-D025F965FFFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F2C75EA-303D-4A6B-9D29-027F4113AC66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D538E205-514C-4F3B-A321-6C12DFE818C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB72815C-BD06-4D00-A56A-55758ADC9422",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A734953E-97F4-4E59-BDEA-68B0F762C5D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C11E750-99FB-4CF6-AE58-35BF90010C88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "544526A4-1581-49C0-8725-369CEF426937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F850CB5B-66A3-4DCD-AF3D-4EC4E99A3301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F144E4B-73E6-456E-8FDE-57AB68A27CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E343A1CE-D4C9-4A04-B5C6-604447CC22F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nlnetlabs:ldns:1.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "166CA872-3BA7-41C4-909B-F556EF947866",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a specified length."
    },
    {
      "lang": "es",
      "value": "Desboramiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n ldns_rr_new_frm_str_internal en ldns antes de v1.6.11, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un Resource Record (RR) con una entrada que contiene un tipo desconocido m\u00e1s largo del tama\u00f1o especificado"
    }
  ],
  "id": "CVE-2011-3581",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-11-04T21:55:06.037",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068091.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068201.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068239.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00008.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://nlnetlabs.nl/svn/ldns/tags/release-1.6.11/Changelog"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://seclists.org/oss-sec/2011/q3/503"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://seclists.org/oss-sec/2011/q3/542"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46470"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46476"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=403"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/49748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068091.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068201.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068239.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00008.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://nlnetlabs.nl/svn/ldns/tags/release-1.6.11/Changelog"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/oss-sec/2011/q3/503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/oss-sec/2011/q3/542"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=403"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/49748"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.