SecurityReason.com - Our Reason is

Security

Register | Forget Password | Login
SecurityReason
IT News
Search
SecurityAlert Database
About SecurityAlert
ExploitAlert Database
SecurityReason Research
WLB
WLB Database
Send to WLB
About WLB
Services
Security Audit
Schedule
Prices of services
Contact
RSS
SecurityReason IT News
SecurityAlert
World Laboratory of Bugtraq
ExploitAlert
Apache
PHP
Corporate
Contact
About SecurityReason
Note

If you have found a vulnerability, please send to our SecurityAlert Database :
secalert()securityreason()com

Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive :
exploit()securityreason()com
Home arrow SecurityAlert Database

Arrow  Topic :

Remote DoS in libevent DNS parsing <= 1.2a


Arrow  SecurityAlert : 2268
Arrow  CVE : CVE-2007-1030
Arrow  SecurityRisk : Low  Security Risk Low  (About)
Arrow  Remote Exploit : Yes
Arrow  Local Exploit : No
Arrow  Exploit Available : No
Arrow  Credit : Jon Oberheide
Arrow  Published : 22.02.2007

Arrow  Affected Software : libevent 1.2 - 1.2a



Arrow  Advisory Content :  

Author: Jon Oberheide <jon (at) oberheide (dot) org [email concealed]>
Date: Sun, February 18th, 2007

Summary
=======

Application: libevent
Affected Versions: 1.2 - 1.2a
Vendor Website: http://monkey.org/~provos/libevent/
Type of Vulnerability: Denial of Service - Remote

Background
==========

The libevent API provides a mechanism to execute a callback function
when a specific event occurs on a file descriptor or after a timeout
has been reached. Furthermore, libevent also support callbacks due
to signals or regular timeouts.

libevent is meant to replace the event loop found in event driven
network servers. An application just needs to call event_dispatch()
and then add or remove events dynamically without having to change
the event loop. Currently, libevent supports /dev/poll, kqueue(2),
select(2), poll(2) and epoll(4).

Recently, support for non-blocking DNS resolution was added to
libevent.

Description
===========

A bug exists in the parsing of DNS responses in libevent, specifically
in the handling of label pointers. Label pointers in DNS are meant to
cut down on redundant information and overall response size by
allowing a label to reference an arbitrary byte offset in the packet.
If a pointer references its own offset, a pointer loop is formed.
libevent's parsing code does not properly handle such pointer loops.

Impact
======

A malicious resolver, authoritative server, or inline attacker can
send a DNS reply containing a pointer loop, causing libevent's DNS
parsing to enter an endless loop, effectively DoS'ing the service.

Resolution
==========

Applications utilizing the DNS resolution functionality of libevent
should upgrade to version >= 1.3.

--
Jon Oberheide <jon (at) oberheide (dot) org [email concealed]>
GnuPG Key: 1024D/F47C17FE
Fingerprint: B716 DA66 8173 6EDD 28F6 F184 5842 1C89 F47C 17FE
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.2 (GNU/Linux)

iD8DBQBF2QS6WEIcifR8F/4RAgN3AKC4/lVBfvruRFDLeIRyqkgtoHsv5QCaA6Sy
6CQBYwGbr0tE0FD9TrbJ6tc=
=Fc5b
-----END PGP SIGNATURE-----




Arrow  Feedback :

If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.
Alert

libc/fnmatch(3) DoS

Security Risk Medium- 2011-05-13

Allow attacker to denial of service apache 2.2.17 server
Apache RSS Apache Alert

» Apache HTTP Server Denial
   of Service Vulnerability

» Multiple Vendors
   libc/fnmatch(3) DoS (incl
   apache poc)

» Apache Continuum
   cross-site scripting
   vulnerability

» Apache Tomcat DoS
   Vulnerability
PHP RSS PHP Alert

» PHP Hashtables Denial of
   Service

» PHP 5.3.6 multiple null
   pointer dereference

» PHP 5.3.6 ZipArchive
   invalid use glob(3)

» libzip 0.9.3
   _zip_name_locate NULL
   Pointer Dereference (incl
   PHP 5.3.5)
ADT

Protect your family and valuables with Home Security Systems
Copyright © SecurityReason.com. All Rights Reserved.