CVE-2017-9109 in adnsinfo

Zusammenfassung

von MITRE

An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at the first. Otherwise, adns can be confused by interleaving answers for the CNAME target, with the CNAME itself. In that case the answer data structure (on the heap) can be overrun. With this fixed, it prefers to look only at the answer RRs which come after the CNAME, which is at least arguably correct.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

21.05.2017

Moderieren

akzeptiert

Eintrag

VDB-227083

CPE

bereit

CWE

CWE-119 (bestätigt)

CVSS

9.8 (NVD)

EPSS

0.02050

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-9109
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-9109
CVE Details	https://www.cvedetails.com/cve/CVE-2017-9109/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!