Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer overflow.
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
Nlnetlabs Nsd 2.1.0 (not an official CPE)
Nginx 0.3.47
Nlnetlabs Nsd 2.1.3 (not an official CPE)
Nlnetlabs Nsd 2.1.4 (not an official CPE)
Nlnetlabs Nsd 2.1.1 (not an official CPE)
Nlnetlabs Nsd 2.1.2 (not an official CPE)
Nlnetlabs Nsd 2.1.5 (not an official CPE)
Nlnetlabs Nsd 2.0.0 (not an official CPE)
Nlnetlabs Nsd 2.0.1 (not an official CPE)
Nlnetlabs Nsd 2.3.7 (not an official CPE)
Nlnetlabs Nsd 2.0.2 (not an official CPE)