cpe:/a:nlnetlabs:nsd:2.0.0 cpe:/a:nlnetlabs:nsd:2.0.1 cpe:/a:nlnetlabs:nsd:2.0.2 cpe:/a:nlnetlabs:nsd:2.1.0 cpe:/a:nlnetlabs:nsd:2.1.1 cpe:/a:nlnetlabs:nsd:2.1.2 cpe:/a:nlnetlabs:nsd:2.1.3 cpe:/a:nlnetlabs:nsd:2.1.4 cpe:/a:nlnetlabs:nsd:2.1.5 cpe:/a:nlnetlabs:nsd:2.3.7 cpe:/a:nlnetlabs:nsd:3.2.1 CVE-2009-1755 2009-05-22T07:52:40.547-04:00 2009-05-29T00:00:00.000-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2009-05-22T10:54:00.000-04:00 MLIST [oss-security] 20090519 CVE id request: nsd CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529418 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=529420 CONFIRM http://www.nlnetlabs.nl/publications/NSD_vulnerability_announcement.html Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer overflow.