FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nsd -- Denial of Service

Affected packages
nsd < 3.2.13


VuXML ID 17f369dc-d7e7-11e1-90a2-000c299b62e1
Discovery 2012-07-27
Entry 2012-07-27

Tom Hendrikx reports:

It is possible to crash (SIGSEGV) a NSD child server process by sending it a DNS packet from any host on the internet and the per zone stats build option is enabled. A crashed child process will automatically be restarted by the parent process, but an attacker may keep the NSD server occupied restarting child processes by sending it a stream of such packets effectively preventing the NSD server to serve.


CVE Name CVE-2012-2979