Vulnerability in NSD Name Server Daemon eliminated
A vulnerability in the Name Server Daemon (NSD), a free implementation of a DNS server by NLnet Labs, can be exploited to make DoS attacks. Certain packets can cause a one-byte buffer overflow in
packet_read_query_section in version 3.x and in
process_query_section in version 2.x. The consequence of this overflow is a denial-of-service condition which takes down the name server.
NSD versions 2.0.0 to 3.2.1 are affected. One of the errors has been fixed in version 3.2.2, and there are patches for versions 3.2.1 and 2.3.7.