1. CVE-Search
  2. CVE-2008-4194
ID CVE-2008-4194
Summary The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."
References
Vulnerable Configurations
  • cpe:2.3:a:pdnsd:pdnsd:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.7a:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.7a:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par4:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par4:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par5:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par5:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par6:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par6:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par7:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par7:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par8:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par8:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.9-par:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.9-par:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.10-par:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.10-par:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.11-par:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.11-par:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.1.11a-par:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.1.11a-par:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.2-par:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.2-par:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.2.1_par:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.2.1_par:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.2.4-par:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.2.4-par:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:1.2.5-par:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:1.2.5-par:*:*:*:*:*:*:*
  • cpe:2.3:a:pdnsd:pdnsd:*:*:*:*:*:*:*:*
    cpe:2.3:a:pdnsd:pdnsd:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 08-08-2017 - 01:32)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
confirm
vupen ADV-2008-2582
xf pdnsd-pexecquery-dos(45594)
Last major update 08-08-2017 - 01:32
Published 24-09-2008 - 11:42
Last modified 08-08-2017 - 01:32
Back to Top