CVE-2012-2978
NSD 3.0.x-3.0.8, 3.1.x-3.1.1, 3.2.x<3.2.12 - Denial of Service via Crafted DNS Packet
Title source: llmDescription
query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/84097
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/624931
Vendor Advisory x_refsource_confirm
http://www.nlnetlabs.nl/downloads/CVE-2012-2978.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/54606
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/49795
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/49997
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2012/dsa-2515
Scores
EPSS
0.0924
EPSS Percentile
94.8%
Details
CWE
CWE-119
Status
published
Products (21)
nlnetlabs/nsd
3.0.0
nlnetlabs/nsd
3.0.1
nlnetlabs/nsd
3.0.2
nlnetlabs/nsd
3.0.3
nlnetlabs/nsd
3.0.4
nlnetlabs/nsd
3.0.5
nlnetlabs/nsd
3.0.6
nlnetlabs/nsd
3.0.7
nlnetlabs/nsd
3.0.8
nlnetlabs/nsd
3.1.0
... and 11 more
Published
Jul 27, 2012
Tracked Since
Feb 18, 2026