Unrated severityNVD Advisory· Published Jan 28, 2011· Updated Apr 29, 2026

CVE-2011-0520

Description

The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a heap-based buffer overflow.

Affected products

Maradns/Maradns2 versions
cpe:2.3:a:maradns:maradns:1.4.03:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:maradns:maradns:1.4.03:*:*:*:*:*:*:*
- cpe:2.3:a:maradns:maradns:1.4.05:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/43027nvdVendor Advisory
bugs.debian.org/cgi-bin/bugreport.cginvd
osvdb.org/70630nvd
secunia.com/advisories/43107nvd
www.debian.org/security/2011/dsa-2196nvd
www.openwall.com/lists/oss-security/2011/01/24/1nvd
www.openwall.com/lists/oss-security/2011/01/24/6nvd
www.securityfocus.com/bid/45966nvd
www.vupen.com/english/advisories/2011/0699nvd
exchange.xforce.ibmcloud.com/vulnerabilities/64885nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000