CVE-2012-2978

NSD 3.0.x-3.0.8, 3.1.x-3.1.1, 3.2.x<3.2.12 - Denial of Service via Crafted DNS Packet

Title source: llm
STIX 2.1

Description

query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/84097
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/624931
Vendor Advisory x_refsource_confirm
http://www.nlnetlabs.nl/downloads/CVE-2012-2978.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/54606
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49795
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49997
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2012/dsa-2515

Scores

EPSS 0.0924
EPSS Percentile 94.8%

Details

CWE
CWE-119
Status published
Products (21)
nlnetlabs/nsd 3.0.0
nlnetlabs/nsd 3.0.1
nlnetlabs/nsd 3.0.2
nlnetlabs/nsd 3.0.3
nlnetlabs/nsd 3.0.4
nlnetlabs/nsd 3.0.5
nlnetlabs/nsd 3.0.6
nlnetlabs/nsd 3.0.7
nlnetlabs/nsd 3.0.8
nlnetlabs/nsd 3.1.0
... and 11 more
Published Jul 27, 2012
Tracked Since Feb 18, 2026