ID |
CVE-2005-4794
|
Summary |
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. Cisco has released advisory cisco-sn-20050524-dns to address this issue. Please see the referenced advisory for further information on obtaining fixes. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:ata:186:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ata:186:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:ata:188:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ata:188:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:subscriber_edge_services_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:subscriber_edge_services_manager:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:ip_phone_7902:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:ip_phone_7902:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:ip_phone_7905:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:ip_phone_7905:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:ip_phone_7912:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:ip_phone_7912:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:unity_express:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unity_express:*:*:*:*:*:*:*:*
|
CVSS |
Base: | 5.0 (as of 20-07-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
refmap
via4
|
bid | 13729 | cisco | 20050524 Crafted DNS Packet Can Cause Denial Of Service | misc | | osvdb | 19003 | sectrack | - 1014043
- 1014044
- 1014045
- 1014046
- 1015975
| secunia | 15472 | xf | cisco-dns-dos(20712) |
|
Last major update |
20-07-2017 - 01:29 |
Published |
31-12-2005 - 05:00 |
Last modified |
20-07-2017 - 01:29 |