CVE-2019-13207: user/nsd: stack-based buffer overflow due to malformed configuration
| Bugzilla ID | 193 |
| Alias(es) | CVE-2019-13207 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2019-09-09 16:14:18 -0500 |
| Modified | 2019-09-30 11:54:35 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-BETA4 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2019-13207 |
Description
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer
Overflow in the dname_concatenate() function in dname.c.
Fixed in >= 4.2.2 https://github.com/NLnetLabs/nsd/commit/91102da24d5949ccfec8fdab5bae2d01c4cabab5