VDB
CVE-2014-2031
CVE-2014-2031
PUBLISHED
CVSS 5.900000095367432 MEDIUM
Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related to a logic error.
EPSS 0.73% · 73.1th percentile
Risk Scores
CVSS 3.0
5.900000095367432
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.73%
73.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| deadwood_project | deadwood | 3.0.01, 0 |
| maradns_project | maradns | 0, 2.0.05 |
| n/a | n/a | n/a |
Timeline
- Mar 20, 2018 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 14, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- [oss-security] 20140219 Re: CVE request: MaraDNS DoS due to incorrect bounds checking on certain strings mailing-list
- https://bugzilla.redhat.com/show_bug.cgi?id=1066609 url
- maradns-cve20142031-dos(91203) vdb
- 1029771 vdb
- http://samiam.org/blog/2014-02-12.html url
- https://nvd.nist.gov/vuln/detail/CVE-2014-2031 advisory