CVE-2010-2444 Information

Description

parse/Csv2_parse.c in MaraDNS 1.3.03 and other versions before 1.4.03 does not properly handle hostnames that do not end in a .\ (dot) character which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted csv2 zone file.

Reference

http://maradns.org/download/maradns-1.4.02-parse_segfault.patch http://www.openwall.com/lists/oss-security/2010/06/09/4 http://www.openwall.com/lists/oss-security/2010/06/24/5