Vulnerability Description
The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a denial of service (CPU consumption) via crafted records in zone files, a different vulnerability than CVE-2012-0024.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Maradns | Maradns | <= 2.0.04 |
Related Weaknesses (CWE)
References
- http://samiam.org/blog/20111229.htmlPatchThird Party Advisory
- http://www.securitytracker.com/id?1026820Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72258Third Party AdvisoryVDB Entry
- http://samiam.org/blog/20111229.htmlPatchThird Party Advisory
- http://www.securitytracker.com/id?1026820Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72258Third Party AdvisoryVDB Entry
FAQ
What is CVE-2011-5056?
CVE-2011-5056 is a vulnerability with a CVSS score of 2.1 (LOW). The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a de...
How severe is CVE-2011-5056?
CVE-2011-5056 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-5056?
Check the references section above for vendor advisories and patch information. Affected products include: Maradns Maradns.