Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
dnrd DNS请求远程拒绝服务攻击漏洞
Vulnerability Description
Dnrd是一个代理DNS请求的守护进程,它适用于需要多个ISP支持的家庭网络。它可以转发所有DNS请求到相应ISP的DNS服务器。 Dnrd 2.10存在设计问题,远程攻击者可以对服务器程序实施拒绝服务攻击。 通过向dnrd进程发送随机的数据流,会导致服务器进程崩溃。这是由于parse_query、get_objectname函数(或其他函数)没有正确进行边界检查引起的。利用这个问题,攻击者也有可能在主机上执行任意指令。
CVSS Information
N/A
Vulnerability Type
N/A