Vulnerabilites related to delegate - delegate
Vulnerability from fkie_nvd
Published
2001-12-28 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9180C95-FF6F-4A0C-9DE0-DFF6D8387698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68FA1404-9FA2-4379-96BC-6D7970C0EAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EABEE7AB-7C45-473E-9873-0423F2249F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F66F57-6AEB-4E3C-B148-BC7D11E1EBEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a \"403 Forbidden\" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error."
},
{
"lang": "es",
"value": "Vulnerabildad de secuencias de comandos en sitios cruzados (cross-site scripting) en DeleGate 7.7.0 y 7.7.1 no procesa las secuencias de comandos en una p\u00e1gina de error \u0027403 Forbidden\u0027, lo que permite a atacantes remotos ejecutar Javascript arbitrario en otros clientes mediante una URL que genera un error."
}
],
"id": "CVE-2001-1202",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=100956050432351\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7745.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=100956050432351\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7745.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3749"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service or execute arbitrary code, possibly due to "overflows on arrays."
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7430078-8331-4A09-9547-590695A02A23",
"versionEndIncluding": "8.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service or execute arbitrary code, possibly due to \"overflows on arrays.\""
}
],
"id": "CVE-2005-0861",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/14649"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.delegate.org/mail-lists/delegate-en/2840"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/14649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.delegate.org/mail-lists/delegate-en/2840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-15 15:15
Modified
2024-11-21 02:36
Severity ?
Summary
DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://seclists.org/fulldisclosure/2015/Dec/123 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.vapidlabs.com/advisory.php?v=159 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2015/Dec/123 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vapidlabs.com/advisory.php?v=159 | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:9.9.13:*:*:*:*:*:*:*",
"matchCriteriaId": "DA19FD8E-B928-430B-BC7E-43502B3B7A68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program."
},
{
"lang": "es",
"value": "DeleGate versi\u00f3n 9.9.13, permite a usuarios locales alcanzar privilegios como es demostrado por el programa dgcpnod setuid."
}
],
"id": "CVE-2015-7556",
"lastModified": "2024-11-21T02:36:58.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-15T15:15:11.377",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/Dec/123"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.vapidlabs.com/advisory.php?v=159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/Dec/123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.vapidlabs.com/advisory.php?v=159"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9180C95-FF6F-4A0C-9DE0-DFF6D8387698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68FA1404-9FA2-4379-96BC-6D7970C0EAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EABEE7AB-7C45-473E-9873-0423F2249F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F66F57-6AEB-4E3C-B148-BC7D11E1EBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "611AD3E5-708F-46BB-B21D-09598E1C4771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AD59AEEB-D524-4337-8962-B29863CBC889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F15245AF-B9B6-4D46-A901-A781FC0BAF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A3E1EB-89A5-4326-8977-9B462065C39B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD607D2-2B07-474B-A855-2C3319B42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4B4665-84C4-4129-9916-ABAC61B81FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4131A4A5-5D67-4522-9A6E-E708815B5B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C30DD0-C957-44BA-B44C-7B424E664B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2E24A5-A864-4F42-A053-2FDA9D09A4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0993A56D-3A68-464A-B580-BE2EC3846F3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF6186E-90D1-4D22-A469-0E955D5F1EF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7323E750-C596-46FC-AA85-9271CC9C2CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7EA693-9873-4201-B66D-D0AC08E7F560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "022F8E8E-F6A1-4782-82D0-686E6FADCF44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E269F0-8CFD-45DB-AF82-F9F57EDD0D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "752CC26D-33D2-43F1-A43B-E101553895C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "317134CF-981A-44CC-B068-BA762AED5EB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20BAB657-CAB8-4473-9EE5-5F725F2EB1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84D1387B-91E2-4AC8-B387-B50F4D7DFDC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19028501-E538-4F36-8DF7-3D2A76D86895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7173317-9F5E-4F80-A957-02084B8DC8C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "297935D9-E108-4DB1-B4C8-2AC43DB6EA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "770BBF88-63D2-4AD6-B28F-5664DFFD746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "45B16588-35CA-4640-8FA8-BC63D91C7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA35F28-CAA5-4C03-ABB8-4647537CC8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAC824F-2031-4427-BF38-C32A7644D2B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7884CCA6-2031-41DB-860D-AF18047AF617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A906D87C-5557-4FC0-BBF3-7169EF35DEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC34DC23-117A-403E-9C87-79B1C512A5DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE559DF-3874-42E7-BB5B-8968E52D7A04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "11068A01-20FB-4039-8919-85CF93F0FF2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9435E392-AE02-48A8-9A2D-3D1593DA3DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B3D730-15C0-494A-A0B6-231C9F370A58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.5.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A917E7C9-BC1A-4D62-9A89-9D73A748D926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.5.29:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A01622-5254-4B3B-9412-771BE7400FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3A5A98-3544-4A95-8436-0DF013B22CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "BECF00EC-A188-4B7F-BA51-3AAC3B4195B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.8.05:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2370B5-681D-469F-B07C-B9212A975C60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pliant:pliant_dns_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA13B142-71F9-475E-A28A-DDE94BE0E7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1930E3DE-67BE-41F2-B8E3-BA8E18762C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7DD08-C349-4687-8FAF-CCD211A9C166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.6:*:*:*:*:*:*:*",
"matchCriteriaId": "981611C8-B957-428B-9500-37C60AE0E7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D34782A9-4CCB-45AD-BA23-EE98EE218B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9D2517-4EAF-4DB9-B0EE-51F65671D45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA40391-39D5-4CB7-BB8E-048C4ECBC3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.60.0:*:*:*:*:*:*:*",
"matchCriteriaId": "135BFFE3-FF18-4462-9D19-2DF986E947DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.60.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD907CE8-E0CD-46AA-A9E4-3D0FA3939DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:m5pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "530D1254-DC0A-4A7C-9520-D0F45B9AF278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:m5pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3BF047-0339-4064-9B3B-68E96F1AB1B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7BC4C8-FB7B-4A88-B97B-984D9AA8EA1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1D98E1-EBE1-4697-906F-E29C91D9074D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.1_beta_a:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB1D7C0-E484-4441-AA68-FBA5A3309547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F0670C-C07E-4A84-952B-88200D2D9B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.1_build_993:*:*:*:*:*:*:*",
"matchCriteriaId": "82CD8E2B-37BF-4989-ABF3-9EC8E6F1C079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.1_build_995:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCFB397-9F5F-42F8-ABB3-9700F100D43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:team_johnlong:raidendnsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4967B8F-D25F-4B55-842E-0C7819EDA88A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37F0C4C8-E648-4486-BFE3-23333FCFF118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "56647964-82B3-4A7A-BE0D-C252654F8CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B83A6F-1996-49B7-BA76-98B83548F289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E021E51E-EA28-4E61-A08A-A590984A483E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "94ABCB8C-8EED-4635-BA54-735CA12A1F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "38C70CE1-0116-4C91-AB59-0C0D9F17099B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "44B1C47A-938B-4F9B-B4B5-88B8622DC965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E890E332-7A3B-4B6A-91B3-7FEFAF5DBA6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "4830EAF7-9504-4090-8DDD-6CC6658ABFD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "7E26AD96-7BA4-4722-B059-6444FFC2E6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "E06E7446-34EC-428A-82EE-2E24F2908C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4996E0-097B-4B79-8A1C-CE55F94B8D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0200586F-7F71-47F6-8D2E-F06E1BF418E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "F5764F35-7F21-40D0-A3FF-8EEF97F7931D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE3CF46-91CC-4AFD-B178-48AE90E0E339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "D79A54BC-789D-4ED2-B3BC-C42959D7FFF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8A437-5AF7-448E-9AF8-D8FBA481CFE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "5663D3D1-5962-4C43-B689-089EAFE25FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "34EDC537-0EFF-46EA-8368-A690480E5D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "39798220-4621-4C5D-B6A7-6639D02E0C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "05EF66A4-F7BB-40C3-9CBF-5DB8715780C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCA7249-7F8F-4A2D-B98F-6AA0ECF17D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "0E942419-3272-4267-AF23-4B6071D71277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "3848A541-4F14-4E3B-99EE-B7C5A886C541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "34E980E1-62B8-4E37-AE9D-DFE033053620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "730E6E09-C0C8-4F8A-BE07-BFED00FC1235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2400_video_server:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "81100E37-1B99-4317-829F-B4A2278FA323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2400_video_server:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "10321B16-1675-4609-8267-3971A9062AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2401_video_server:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "35F0E1BA-D05F-41CB-ACD9-035A6DF4735E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD73320-38DA-4606-9CEA-F0C9D5A3215F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "B8374F1E-06BC-4A9E-8666-336AACC1F5BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA3F905-8AC0-42A3-AC63-BA61AE6619AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "46E11270-65DE-4C07-A103-66217691069E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93D2AD-FA36-4A6C-AC52-6FD0F3AE6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "D109CF38-0F5F-4A20-8A4A-DBE14D7826CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6E6FEA-9D2E-4ACD-8C3A-98DA4EB1C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "10B4A828-33F4-4FB7-9637-3C761A73AEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2460_network_dvr:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "41CB517F-BDC9-40D0-AB0D-2DFC7669E8F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet."
}
],
"id": "CVE-2004-0789",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13145"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| delegate | delegate | * | |
| delegate | delegate | 5.9.3 | |
| delegate | delegate | 7.7.0 | |
| delegate | delegate | 7.7.1 | |
| delegate | delegate | 7.8.0 | |
| delegate | delegate | 7.8.1 | |
| delegate | delegate | 7.8.2 | |
| delegate | delegate | 7.9.11 | |
| delegate | delegate | 8.3.3 | |
| delegate | delegate | 8.3.4 | |
| delegate | delegate | 8.4.0 | |
| delegate | delegate | 8.5.0 | |
| delegate | delegate | 8.9 | |
| delegate | delegate | 8.9.1 | |
| delegate | delegate | 8.9.2 | |
| delegate | delegate | 8.9.3 | |
| delegate | delegate | 8.9.4 | |
| delegate | delegate | 8.9.5 | |
| delegate | delegate | 8.9.6 | |
| delegate | delegate | 8.10 | |
| delegate | delegate | 8.10.1 | |
| etl | delegate | 5.9 | |
| etl | delegate | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA550D1F-C383-4AD1-9648-18E609159214",
"versionEndIncluding": "8.10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:5.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5364C4-C5A5-4621-AC56-BB845BEF8A83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9180C95-FF6F-4A0C-9DE0-DFF6D8387698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68FA1404-9FA2-4379-96BC-6D7970C0EAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EABEE7AB-7C45-473E-9873-0423F2249F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F66F57-6AEB-4E3C-B148-BC7D11E1EBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "611AD3E5-708F-46BB-B21D-09598E1C4771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AD59AEEB-D524-4337-8962-B29863CBC889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F15245AF-B9B6-4D46-A901-A781FC0BAF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A3E1EB-89A5-4326-8977-9B462065C39B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD607D2-2B07-474B-A855-2C3319B42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4B4665-84C4-4129-9916-ABAC61B81FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4131A4A5-5D67-4522-9A6E-E708815B5B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C30DD0-C957-44BA-B44C-7B424E664B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2E24A5-A864-4F42-A053-2FDA9D09A4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0993A56D-3A68-464A-B580-BE2EC3846F3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF6186E-90D1-4D22-A469-0E955D5F1EF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7323E750-C596-46FC-AA85-9271CC9C2CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1A53A0AC-B047-4E60-A7E6-2E2710379F89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F8A23D-2106-4803-AD52-DCB42FB51E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DE1799-48D4-491A-AB1E-25169ED99F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:etl:delegate:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F6584618-DFEC-416F-8335-7106EA25BE94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:etl:delegate:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18763780-3419-4EFE-ABC7-0BE51CC90881",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop."
}
],
"id": "CVE-2005-0036",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/25291"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/13729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/25291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13729"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-27 22:02
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| delegate | delegate | 7.7.0 | |
| delegate | delegate | 7.7.1 | |
| delegate | delegate | 7.8.0 | |
| delegate | delegate | 7.8.1 | |
| delegate | delegate | 7.8.2 | |
| delegate | delegate | 7.9.11 | |
| delegate | delegate | 8.3.3 | |
| delegate | delegate | 8.3.4 | |
| delegate | delegate | 8.4.0 | |
| delegate | delegate | 8.5.0 | |
| delegate | delegate | 8.9 | |
| delegate | delegate | 8.9.1 | |
| delegate | delegate | 8.9.2 | |
| delegate | delegate | 8.9.3 | |
| delegate | delegate | 8.9.4 | |
| delegate | delegate | 8.9.5 | |
| delegate | delegate | 8.9.6 | |
| delegate | delegate | 8.10 | |
| delegate | delegate | 8.10.1 | |
| delegate | delegate | 8.10.2 | |
| delegate | delegate | 8.10.3 | |
| delegate | delegate | 8.10.4 | |
| delegate | delegate | 8.10.5 | |
| delegate | delegate | 8.10.6 | |
| delegate | delegate | 8.11 | |
| delegate | delegate | 8.11.1 | |
| delegate | delegate | 8.11.2 | |
| delegate | delegate | 8.11.3 | |
| delegate | delegate | 8.11.4 | |
| delegate | delegate | 8.11.5 | |
| delegate | delegate | 9.0 | |
| delegate | delegate | 9.0.1 | |
| delegate | delegate | 9.0.2 | |
| delegate | delegate | 9.0.3 | |
| delegate | delegate | 9.0.4 | |
| delegate | delegate | 9.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9180C95-FF6F-4A0C-9DE0-DFF6D8387698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68FA1404-9FA2-4379-96BC-6D7970C0EAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EABEE7AB-7C45-473E-9873-0423F2249F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F66F57-6AEB-4E3C-B148-BC7D11E1EBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "611AD3E5-708F-46BB-B21D-09598E1C4771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AD59AEEB-D524-4337-8962-B29863CBC889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F15245AF-B9B6-4D46-A901-A781FC0BAF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A3E1EB-89A5-4326-8977-9B462065C39B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD607D2-2B07-474B-A855-2C3319B42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4B4665-84C4-4129-9916-ABAC61B81FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4131A4A5-5D67-4522-9A6E-E708815B5B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C30DD0-C957-44BA-B44C-7B424E664B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2E24A5-A864-4F42-A053-2FDA9D09A4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0993A56D-3A68-464A-B580-BE2EC3846F3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF6186E-90D1-4D22-A469-0E955D5F1EF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7323E750-C596-46FC-AA85-9271CC9C2CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1A53A0AC-B047-4E60-A7E6-2E2710379F89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F8A23D-2106-4803-AD52-DCB42FB51E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6DE1799-48D4-491A-AB1E-25169ED99F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "14537B85-AA76-462F-85B6-CCF0BBCBC44C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4B64148-75F2-4646-942D-D6E77D84C65E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC64544-CE2E-446A-B689-44DBA4050D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "93AE9A8A-B18E-4365-8AB6-CF2D63F95E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB2AEB0-1208-4B2E-92E2-5FF64A3A2125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2BBD6EEE-A728-4571-8AA9-CFCB66FC0288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB89A90-BFF5-4F68-82E8-A097D72155A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95B814C6-C489-4EAF-AEB3-33DF2E712AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7EF631-20CC-4FEF-9F46-DA9D39D8FFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "24E50FA1-1EA7-478C-A268-DD8F593E07F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8E404D7F-0C85-4C86-A6CE-428DE943E51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D82D47C8-BE79-4612-B2AE-C032C04E00D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB38D09-367F-4D5C-85AC-A31ADB3122DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "78AF45C0-40FB-4208-8CC7-EB49FE6EA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95BAE78B-6548-44EB-A45D-0C41E7798A8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B5249894-59CD-4C49-9D7F-52243CD952D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:9.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56E6EFAE-E84F-4CCB-9AB7-E0364EEF12C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite."
}
],
"id": "CVE-2006-2072",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-27T22:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19750"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015991"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/955777"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17691"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/1505"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/1506"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/955777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9180C95-FF6F-4A0C-9DE0-DFF6D8387698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68FA1404-9FA2-4379-96BC-6D7970C0EAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EABEE7AB-7C45-473E-9873-0423F2249F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F66F57-6AEB-4E3C-B148-BC7D11E1EBEC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy."
}
],
"id": "CVE-2002-1781",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-02/0051.html"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/256117"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.globalintersec.com/adv/delegate-2002012101.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4055"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-02/0051.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/256117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.globalintersec.com/adv/delegate-2002012101.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8114"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-07-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B52E9623-AFCD-4AA6-A47B-DC3596897042",
"versionEndIncluding": "5.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions."
}
],
"id": "CVE-1999-1338",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-07-21T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=93259112204664\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=93259112204664\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-05-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| delegate | delegate | 7.7.0 | |
| delegate | delegate | 7.7.1 | |
| delegate | delegate | 7.8.0 | |
| delegate | delegate | 7.8.1 | |
| delegate | delegate | 7.8.2 | |
| delegate | delegate | 7.9.11 | |
| delegate | delegate | 8.3.3 | |
| delegate | delegate | 8.3.4 | |
| delegate | delegate | 8.4.0 | |
| delegate | delegate | 8.5.0 | |
| delegate | delegate | 8.9 | |
| delegate | delegate | 8.9.1 | |
| delegate | delegate | 8.9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9180C95-FF6F-4A0C-9DE0-DFF6D8387698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68FA1404-9FA2-4379-96BC-6D7970C0EAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EABEE7AB-7C45-473E-9873-0423F2249F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F66F57-6AEB-4E3C-B148-BC7D11E1EBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "611AD3E5-708F-46BB-B21D-09598E1C4771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AD59AEEB-D524-4337-8962-B29863CBC889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F15245AF-B9B6-4D46-A901-A781FC0BAF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A3E1EB-89A5-4326-8977-9B462065C39B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD607D2-2B07-474B-A855-2C3319B42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4B4665-84C4-4129-9916-ABAC61B81FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4131A4A5-5D67-4522-9A6E-E708815B5B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C30DD0-C957-44BA-B44C-7B424E664B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2E24A5-A864-4F42-A053-2FDA9D09A4B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field."
}
],
"id": "CVE-2004-2003",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-05-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108386181021070\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11569"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5945"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10295"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108386181021070\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16078"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-200512-0640
Vulnerability from variot
The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Note that some other DNS packet processing systems have the issues related to this vulnerability. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products Compressed DNS Messages Denial of Service
SECUNIA ADVISORY ID: SA15472
VERIFY ADVISORY: http://secunia.com/advisories/15472/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/
SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/
DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
Successful exploitation crashes a vulnerable device or causes it to function abnormally.
The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express
The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.
SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software
PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0640",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.0,
"vendor": "delegate",
"version": "5.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.0,
"vendor": "etl",
"version": "6.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.0,
"vendor": "etl",
"version": "5.9"
},
{
"model": "delegate",
"scope": "lte",
"trust": 1.0,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.9,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ethereal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tcpdump",
"version": null
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.8,
"vendor": "delegate",
"version": "8.10.2 and eariler"
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": "unity express",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79120"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.1"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.0"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3700"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7325"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73203.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73202.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5903.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5902.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "565"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5603.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5602.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "510"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5073.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5072.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "ata-188",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.18"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "subscriber edge services manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(2)"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:delegate:delegate",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
}
],
"trust": 0.9
},
"cve": "CVE-2005-0036",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0036",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0036",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#23495",
"trust": 0.8,
"value": "41.92"
},
{
"author": "NVD",
"id": "CVE-2005-0036",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-967",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2005-0036",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Note that some other DNS packet processing systems have the issues related to this vulnerability. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0036"
},
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "PACKETSTORM",
"id": "37713"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13729",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2005-0036",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "25291",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "15472",
"trust": 0.9
},
{
"db": "SECTRACK",
"id": "1014043",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014044",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014045",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014046",
"trust": 0.8
},
{
"db": "BID",
"id": "1165",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#23495",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2005-0036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37713",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"id": "VAR-200512-0640",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3638431
},
"last_update_date": "2024-11-23T22:04:38.597000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.delegate.org/delegate/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.securityfocus.com/bid/13729"
},
{
"trust": 2.9,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"trust": 1.7,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/25291"
},
{
"trust": 1.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15472/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1165"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014046"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014045"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014044"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014043"
},
{
"trust": 0.8,
"url": "http://www.ethereal.com"
},
{
"trust": 0.8,
"url": "http://www.tcpdump.org"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0036"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20050524-00432.xml"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2005/0610"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-589088/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0036"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=9258"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2810/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5151/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2268/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2269/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2809/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2005-12-31T00:00:00",
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"date": "2005-05-24T00:00:00",
"db": "BID",
"id": "13729"
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37713"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULMON",
"id": "CVE-2005-0036"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13729"
},
{
"date": "2008-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000343"
},
{
"date": "2010-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-967"
},
{
"date": "2024-11-20T23:54:16.217000",
"db": "NVD",
"id": "CVE-2005-0036"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-967"
}
],
"trust": 0.9
}
}
var-200604-0574
Vulnerability from variot
Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite. Numerous vulnerabilities have been reported in various Domain Name System (DNS) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause a DNS implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ In multiple products DNS For protocol implementation, DNS There are deficiencies due to protocol specifications, and certain DNS There are problems that cause memory area corruption and buffer overflow when packets are processed. Depending on the product implementation, the impact will vary, but if exploited by a remote attacker, DNS A service that processes packets or an application may go out of service. The discoverer also suggests the possibility of arbitrary code execution.Please refer to the “Overview” for the impact of this vulnerability. There are several unexplained vulnerabilities in the 9.x series prior to DeleGate 9.0.6 and the 8.x series prior to 8.11.6. The vendor has addressed this issue in versions 8.11.6 and 9.0.6; earlier versions are vulnerable. ISC BIND is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the application to properly handle malformed TSIG (Secret Key Transaction Authentication for DNS) replies. To exploit this issue, attackers must be able to send messages with a correct TSIG during a zone transfer. This limits the potential for remote exploits significantly. An attacker can exploit this issue to crash the affected service, effectively denying service to legitimate users.
TITLE: DeleGate DNS Query Handling Denial of Service
SECUNIA ADVISORY ID: SA19750
VERIFY ADVISORY: http://secunia.com/advisories/19750/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE:
From remote
SOFTWARE: DeleGate 8.x http://secunia.com/product/1237/
DESCRIPTION: A vulnerability has been reported in DeleGate, which can be exploited by malicious people to cause a DoS (Denial of Service). This can lead to out-of-bounds memory accesses and infinite recursive function calls, which causes the process to stop responding to requests.
The vulnerability has been reported in version 8.11.5 and prior (stable), and in version 9.0.5 and prior (development).
SOLUTION: Update to version 8.11.6 or later. http://www.delegate.org/delegate/download/
The vulnerability has also been fixed in development version 9.0.6.
PROVIDED AND/OR DISCOVERED BY: Reported by vendor based on DNS Test Tool created by Oulu University Secure Programming Group.
ORIGINAL ADVISORY: NISCC: http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0574",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "9.0.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "9.0.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "9.0.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "9.0.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "9.0.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "9.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.11.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.11.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.11.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.11.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": "delegate",
"scope": "lte",
"trust": 0.8,
"vendor": "delegate",
"version": "8.11.5"
},
{
"model": "delegate",
"scope": "lte",
"trust": 0.8,
"vendor": "delegate",
"version": "9.0.5"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "9.0.6"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"db": "BID",
"id": "17691"
},
{
"db": "BID",
"id": "17692"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000242"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-533"
},
{
"db": "NVD",
"id": "CVE-2006-2072"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:delegate:delegate",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000242"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This issue was discovered by the PROTOS DNS Test Suite, which was developed by the Oulu University Secure Programming Group (OUSPG).",
"sources": [
{
"db": "BID",
"id": "17691"
},
{
"db": "BID",
"id": "17692"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-533"
}
],
"trust": 1.2
},
"cve": "CVE-2006-2072",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2072",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2006-2722",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2072",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#955777",
"trust": 0.8,
"value": "19.13"
},
{
"author": "NVD",
"id": "CVE-2006-2072",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2006-2722",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-533",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000242"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-533"
},
{
"db": "NVD",
"id": "CVE-2006-2072"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite. Numerous vulnerabilities have been reported in various Domain Name System (DNS) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause a DNS implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ In multiple products DNS For protocol implementation, DNS There are deficiencies due to protocol specifications, and certain DNS There are problems that cause memory area corruption and buffer overflow when packets are processed. Depending on the product implementation, the impact will vary, but if exploited by a remote attacker, DNS A service that processes packets or an application may go out of service. The discoverer also suggests the possibility of arbitrary code execution.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. There are several unexplained vulnerabilities in the 9.x series prior to DeleGate 9.0.6 and the 8.x series prior to 8.11.6. \nThe vendor has addressed this issue in versions 8.11.6 and 9.0.6; earlier versions are vulnerable. ISC BIND is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the application to properly handle malformed TSIG (Secret Key Transaction Authentication for DNS) replies. \nTo exploit this issue, attackers must be able to send messages with a correct TSIG during a zone transfer. This limits the potential for remote exploits significantly. \nAn attacker can exploit this issue to crash the affected service, effectively denying service to legitimate users. \n\nTITLE:\nDeleGate DNS Query Handling Denial of Service\n\nSECUNIA ADVISORY ID:\nSA19750\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/19750/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nDeleGate 8.x\nhttp://secunia.com/product/1237/\n\nDESCRIPTION:\nA vulnerability has been reported in DeleGate, which can be exploited\nby malicious people to cause a DoS (Denial of Service). This can lead to out-of-bounds memory\naccesses and infinite recursive function calls, which causes the\nprocess to stop responding to requests. \n\nThe vulnerability has been reported in version 8.11.5 and prior\n(stable), and in version 9.0.5 and prior (development). \n\nSOLUTION:\nUpdate to version 8.11.6 or later. \nhttp://www.delegate.org/delegate/download/\n\nThe vulnerability has also been fixed in development version 9.0.6. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor based on DNS Test Tool created by Oulu University\nSecure Programming Group. \n\nORIGINAL ADVISORY:\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2072"
},
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000242"
},
{
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"db": "BID",
"id": "17691"
},
{
"db": "BID",
"id": "17692"
},
{
"db": "PACKETSTORM",
"id": "45737"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "17691",
"trust": 3.3
},
{
"db": "CERT/CC",
"id": "VU#955777",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2006-2072",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "19750",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1015991",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-1506",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2006-1505",
"trust": 1.6
},
{
"db": "BID",
"id": "17692",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000242",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2006-2722",
"trust": 0.6
},
{
"db": "XF",
"id": "26081",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200604-533",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "45737",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"db": "BID",
"id": "17691"
},
{
"db": "BID",
"id": "17692"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000242"
},
{
"db": "PACKETSTORM",
"id": "45737"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-533"
},
{
"db": "NVD",
"id": "CVE-2006-2072"
}
]
},
"id": "VAR-200604-0574",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2722"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2722"
}
]
},
"last_update_date": "2024-11-23T21:57:42.367000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "3156",
"trust": 0.8,
"url": "http://www.delegate.org/mail-lists/delegate-en/3156"
},
{
"title": "DeleGate DNS Response Denial of Service Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/40810"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000242"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2072"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.9,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en"
},
{
"trust": 3.0,
"url": "http://www.securityfocus.com/bid/17691"
},
{
"trust": 2.4,
"url": "http://www.kb.cert.org/vuls/id/955777"
},
{
"trust": 2.2,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en"
},
{
"trust": 1.6,
"url": "http://jvn.jp/niscc/niscc-144154/index.html"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1015991"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/19750"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/1505"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2006/1506"
},
{
"trust": 0.8,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/dns/index.html"
},
{
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2072"
},
{
"trust": 0.8,
"url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20060425-00312.xml"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-2072"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/17692"
},
{
"trust": 0.8,
"url": "http://isc.sans.org/diary.php?storyid=1290"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1506"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1505"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/26081"
},
{
"trust": 0.3,
"url": "http://www.delegate.org"
},
{
"trust": 0.3,
"url": "http://www.delegate.org/delegate/updates/"
},
{
"trust": 0.3,
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1237/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://www.delegate.org/delegate/download/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/19750/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"db": "BID",
"id": "17691"
},
{
"db": "BID",
"id": "17692"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000242"
},
{
"db": "PACKETSTORM",
"id": "45737"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-533"
},
{
"db": "NVD",
"id": "CVE-2006-2072"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#955777"
},
{
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"db": "BID",
"id": "17691"
},
{
"db": "BID",
"id": "17692"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000242"
},
{
"db": "PACKETSTORM",
"id": "45737"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-533"
},
{
"db": "NVD",
"id": "CVE-2006-2072"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-04-28T00:00:00",
"db": "CERT/CC",
"id": "VU#955777"
},
{
"date": "2006-04-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"date": "2006-04-25T00:00:00",
"db": "BID",
"id": "17691"
},
{
"date": "2006-04-25T00:00:00",
"db": "BID",
"id": "17692"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000242"
},
{
"date": "2006-04-27T21:57:26",
"db": "PACKETSTORM",
"id": "45737"
},
{
"date": "2006-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-533"
},
{
"date": "2006-04-27T22:02:00",
"db": "NVD",
"id": "CVE-2006-2072"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-05-23T00:00:00",
"db": "CERT/CC",
"id": "VU#955777"
},
{
"date": "2006-04-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"date": "2006-04-26T19:31:00",
"db": "BID",
"id": "17691"
},
{
"date": "2006-04-26T19:31:00",
"db": "BID",
"id": "17692"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000242"
},
{
"date": "2006-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-533"
},
{
"date": "2024-11-21T00:10:29.510000",
"db": "NVD",
"id": "CVE-2006-2072"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "17691"
},
{
"db": "BID",
"id": "17692"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DeleGate DNS Response Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2006-2722"
},
{
"db": "BID",
"id": "17691"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-533"
}
],
"trust": 1.5
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "17691"
},
{
"db": "BID",
"id": "17692"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-533"
}
],
"trust": 1.2
}
}
var-200512-0860
Vulnerability from variot
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products Compressed DNS Messages Denial of Service
SECUNIA ADVISORY ID: SA15472
VERIFY ADVISORY: http://secunia.com/advisories/15472/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/
SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/
DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the DNS implementation during the decompression of compressed DNS messages and can be exploited via a specially crafted DNS packet containing invalid information in the compressed section.
Successful exploitation crashes a vulnerable device or causes it to function abnormally.
The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express
The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.
SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software
PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0860",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ata",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "188"
},
{
"model": "ata",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "186"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unity express",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ip phone 7912",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ip phone 7902",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ip phone 7905",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "application and content networking software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unity express",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ethereal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tcpdump",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "subscriber edge services manager",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 7902",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "application and content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 7905",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ip phone 7912",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79120"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.1"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.0"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3700"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7325"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73203.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73202.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5903.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5902.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "565"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5603.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5602.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "510"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5073.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5072.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "ata-188",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.18"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "subscriber edge services manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(2)"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
}
],
"trust": 0.9
},
"cve": "CVE-2005-4794",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-4794",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-16002",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-4794",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#23495",
"trust": 0.8,
"value": "41.92"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-642",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-16002",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error in the DNS implementation\nduring the decompression of compressed DNS messages and can be\nexploited via a specially crafted DNS packet containing invalid\ninformation in the compressed section. \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4794"
},
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "PACKETSTORM",
"id": "37713"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13729",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "15472",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1014043",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1014044",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1014045",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1014046",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2005-4794",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1015975",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "19003",
"trust": 1.7
},
{
"db": "BID",
"id": "1165",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#23495",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20050524 CRAFTED DNS PACKET CAN CAUSE DENIAL OF SERVICE",
"trust": 0.6
},
{
"db": "XF",
"id": "20712",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-16002",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "37713",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"id": "VAR-200512-0860",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16002"
}
],
"trust": 0.6152548999999999
},
"last_update_date": "2024-11-23T22:04:38.671000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"trust": 2.9,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/13729"
},
{
"trust": 1.7,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/19003"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014043"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014044"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014045"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014046"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015975"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/15472"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20712"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15472/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1165"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014046"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014045"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014044"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014043"
},
{
"trust": 0.8,
"url": "http://www.ethereal.com"
},
{
"trust": 0.8,
"url": "http://www.tcpdump.org"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/20712"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2810/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5151/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2268/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2269/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2809/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "VULHUB",
"id": "VHN-16002"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2005-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-16002"
},
{
"date": "2005-05-24T00:00:00",
"db": "BID",
"id": "13729"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37713"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-16002"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13729"
},
{
"date": "2006-05-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-642"
},
{
"date": "2024-11-21T00:05:11.867000",
"db": "NVD",
"id": "CVE-2005-4794"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-642"
}
],
"trust": 0.9
}
}
var-200507-0034
Vulnerability from variot
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling.". A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Multiple vendors' products are prone to HTTP-request-smuggling issues. Attackers can piggyback an HTTP request inside of another HTTP request. By leveraging failures to implement the HTTP/1.1 RFC properly, attackers can launch cache-poisoning, cross-site scripting, session-hijacking, and other attacks. Title: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities
CA Advisory Reference: CA20090123-01
CA Advisory Date: 2009-01-23
Reported By: n/a
Impact: Refer to the CVE identifiers for details.
Summary: Multiple security risks exist in Apache Tomcat as included with CA Cohesion Application Configuration Manager. CA has issued an update to address the vulnerabilities. Refer to the References section for the full list of resolved issues by CVE identifier.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a Medium risk rating.
Affected Products: CA Cohesion Application Configuration Manager 4.5
Non-Affected Products CA Cohesion Application Configuration Manager 4.5 SP1
Affected Platforms: Windows
Status and Recommendation: CA has issued the following update to address the vulnerabilities.
CA Cohesion Application Configuration Manager 4.5:
RO04648 https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search &searchID=RO04648
How to determine if you are affected:
- Using Windows Explorer, locate the file "RELEASE-NOTES".
- By default, the file is located in the "C:\Program Files\CA\Cohesion\Server\server\" directory.
- Open the file with a text editor.
- If the version is less than 5.5.25, the installation is vulnerable.
Workaround: None
References (URLs may wrap): CA Support: http://support.ca.com/ CA20090123-01: Security Notice for Cohesion Tomcat https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1975 40 Solution Document Reference APARs: RO04648 CA Security Response Blog posting: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx Reported By: n/a CVE References: CVE-2005-2090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 CVE-2005-3510 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510 CVE-2006-3835 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835 CVE-2006-7195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 CVE-2006-7196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196 CVE-2007-0450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 CVE-2007-1355 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355 CVE-2007-1358 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358 CVE-2007-1858 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858 CVE-2007-2449 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449 CVE-2007-2450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450 CVE-2007-3382 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382 CVE-2007-3385 * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385 CVE-2007-3386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386 CVE-2008-0128 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128 *Note: the issue was not completely fixed by Tomcat maintainers. OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release v1.1 - Updated Impact, Summary, Affected Products
Customers who require additional information should contact CA Technical Support at http://support.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777 82
Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Nucleus XML-RPC PHP Code Execution Vulnerability
SECUNIA ADVISORY ID: SA15895
VERIFY ADVISORY: http://secunia.com/advisories/15895/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: Nucleus 3.x http://secunia.com/product/3699/
DESCRIPTION: A vulnerability has been reported in Nucleus, which can be exploited by malicious people to compromise a vulnerable system.
For more information: SA15852
SOLUTION: Update to version 3.21. http://sourceforge.net/project/showfiles.php?group_id=66479
OTHER REFERENCES: SA15852: http://secunia.com/advisories/15852/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01178795 Version: 1
HPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-02 Last Updated: 2007-10-02
Potential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code.
References: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386.
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running Apache
BACKGROUND To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed.
AFFECTED VERSIONS
For IPv4: HP-UX B.11.11 ============= hpuxwsAPACHE action: install revision A.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
For IPv6: HP-UX B.11.11 HP-UX B.11.23 HP-UX B.11.31 ============= hpuxwsAPACHE,revision=B.1.0.00.01 hpuxwsAPACHE,revision=B.1.0.07.01 hpuxwsAPACHE,revision=B.1.0.08.01 hpuxwsAPACHE,revision=B.1.0.09.01 hpuxwsAPACHE,revision=B.1.0.10.01 hpuxwsAPACHE,revision=B.2.0.48.00 hpuxwsAPACHE,revision=B.2.0.49.00 hpuxwsAPACHE,revision=B.2.0.50.00 hpuxwsAPACHE,revision=B.2.0.51.00 hpuxwsAPACHE,revision=B.2.0.52.00 hpuxwsAPACHE,revision=B.2.0.53.00 hpuxwsAPACHE,revision=B.2.0.54.00 hpuxwsAPACHE,revision=B.2.0.55.00 hpuxwsAPACHE,revision=B.2.0.56.00 hpuxwsAPACHE,revision=B.2.0.58.00 hpuxwsAPACHE,revision=B.2.0.58.01
action: install revision B.2.0.59.00 or subsequent restart Apache URL: https://www.hp.com/go/softwaredepot/
END AFFECTED VERSIONS
RESOLUTION HP has made the following available to resolve the vulnerability. HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. The update is available on https://www.hp.com/go/softwaredepot/ Note: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00.
MANUAL ACTIONS: Yes - Update Install HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent.
PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HISTORY Revision: 1 (rev.1) - 02 October 2007 Initial release
Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ HHoe3AY1sc6hrW3Xk+B1hcbr =+E1W -----END PGP SIGNATURE----- . Summary:
Updated Tomcat and Java JRE packages for VirtualCenter 2.0.2, ESX Server 3.0.2, and ESX 3.0.1. Relevant releases:
VirtualCenter Management Server 2 ESX Server 3.0.2 without patch ESX-1002434 ESX Server 3.0.1 without patch ESX-1003176
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-2090, CVE-2006-7195, and CVE-2007-0450 to these issues.
JRE Security Update This release of VirtualCenter Server updates the JRE package from 1.5.0_7 to 1.5.0_12, which addresses a security issue that existed in the earlier release of JRE.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-3004 to this issue.
Security best practices provided by VMware recommend that the
service console be isolated from the VM network. Please see
http://www.vmware.com/resources/techresources/726 for more
information on VMware security best practices. Solution:
Please review the Patch notes for your product and version and verify the md5sum of your downloaded file.
VMware VirtualCenter 2.0.2 Update 2 Release Notes http://www.vmware.com/support/vi3/doc/releasenotes_vc202u2.html
VirtualCenter CD image md5sum d7d98a5d7f8afff32cee848f860d3ba7
VirtualCenter as Zip md5sum 3b42ec350121659e10352ca2d76e212b
ESX Server 3.0.2 http://kb.vmware.com/kb/1002434 md5sum: 2f52251f6ace3d50934344ef313539d5
ESX Server 3.0.1 http://kb.vmware.com/kb/1003176 md5sum: 5674ca0dcfac90726014cc316444996e
- Contact:
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce@lists.vmware.com
- bugtraq@securityfocus.com
- full-disclosure@lists.grok.org.uk
E-mail: security@vmware.com
Security web site http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
CVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure)
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected: - - Apache Tomcat 8.0.0-RC1 - - Apache Tomcat 7.0.0 to 7.0.42 - - Apache Tomcat 6.0.0 to 6.0.37
Description: The fix for CVE-2005-2090 was not complete. It did not cover the following cases: - - content-length header with chunked encoding over any HTTP connector - - multiple content-length headers over any AJP connector
Requests with multiple content-length headers or with a content-length header when chunked encoding is being used should be rejected as invalid. When multiple components (firewalls, caches, proxies and Tomcat) process a sequence of requests where one or more requests contain either multiple content-length headers or a content-length header when chunked encoding is being used and several components do not reject the request and make different decisions as to which content-length header to use an attacker can poison a web-cache, perform an XSS attack and obtain sensitive information from requests other then their own. Tomcat now rejects requests with multiple content-length headers or with a content-length header when chunked encoding is being used.
Mitigation: Users of affected versions should apply one of the following mitigations - - Upgrade to Apache Tomcat 8.0.0-RC3 or later (8.0.0-RC2 contains the fix but was not released) - - Upgrade to Apache Tomcat 7.0.47 or later (7.0.43 to 7.0.46 contain the fix but were not released) - - Upgrade to Apache Tomcat 6.0.39 or later (6.0.38 contains the fix but was not released)
Credit: This issue was identified by the Apache Tomcat security team while investigating an invalid report related to CVE-2005-2090
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200507-0034",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "5.0.19"
},
{
"model": "tomcat",
"scope": "eq",
"trust": 1.6,
"vendor": "apache",
"version": "4.1.24"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "drupal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pear xml rpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpxmlrpc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "postnuke",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "serendipity",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wordpress",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xoops",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "phpmyfaq",
"version": null
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "4.0.6"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "4.1.34"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "5.0.30"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "5.5.22"
},
{
"model": "tomcat",
"scope": "lte",
"trust": 0.8,
"vendor": "apache",
"version": "6.0.10"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.31"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "rhel desktop workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (client)"
},
{
"model": "webotx application server",
"scope": "lt",
"trust": 0.8,
"vendor": "nec",
"version": "v7.11"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard version 6"
},
{
"model": "cosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "version 5"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "enterprise"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "light"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "standard"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "architect"
},
{
"model": "ucosminexus service",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "platform"
},
{
"model": "interstage application framework suite",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage apworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage business application server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage job workload server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage studio",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "interstage web server",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "coyote http connector",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "1.1"
},
{
"model": "coyote http connector",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "1.0"
},
{
"model": "virtualcenter management server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.2"
},
{
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.0.1"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "8"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk 10.sp1",
"scope": null,
"trust": 0.3,
"vendor": "suse",
"version": null
},
{
"model": "linux enterprise sdk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sp1 debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.2"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.2"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "one web server sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "one web server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "one web server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "one web server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.1"
},
{
"model": "unitedlinux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "suse linux standard server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "suse linux school server for i386",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "suse linux retail solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "8.0"
},
{
"model": "suse linux openexchange server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.0"
},
{
"model": "suse linux open-xchange",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "4.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1"
},
{
"model": "open-enterprise-server",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "0"
},
{
"model": "office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "novell linux pos",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9"
},
{
"model": "novell linux desktop sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.0"
},
{
"model": "novell linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux openexchange server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux office server",
"scope": null,
"trust": 0.3,
"vendor": "s u s e",
"version": null
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "1.0"
},
{
"model": "linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1x86-64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1x86"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0x86-64"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0x86"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4)4.2"
},
{
"model": "enterprise linux virtualization server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux optional productivity application server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux hardware certification",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "enterprise linux desktop multi os client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "certificate server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5.0"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.2"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.1"
},
{
"model": "hat red hat network satellite server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4.0"
},
{
"model": "hat network satellite (for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3)4.2"
},
{
"model": "hat enterprise linux supplementary server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop supplementary client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "oracle9i application server web cache",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.3"
},
{
"model": "oracle9i application server web cache",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2.2"
},
{
"model": "oracle9i application server",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "9.0.2"
},
{
"model": "zenworks linux management",
"scope": "eq",
"trust": 0.3,
"vendor": "novell",
"version": "7.3"
},
{
"model": "iis",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "6.0"
},
{
"model": "iis",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1.0.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.9"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.8"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.7"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.6"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.5"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.4"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.3"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.10"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.2"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0.1"
},
{
"model": "websphere application server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "associates unicenter service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.2"
},
{
"model": "associates cohesion application configuration manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.5"
},
{
"model": "associates cmdb",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "systems weblogic server sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "systems weblogic express sp",
"scope": "eq",
"trust": 0.3,
"vendor": "bea",
"version": "8.11"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.0.30"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.0.19"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "5.0"
},
{
"model": "software foundation tomcat",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "4.1.24"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.53"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.52"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.51"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.50"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.49"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.48"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.47"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.46"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.0.45"
},
{
"model": "software foundation apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "1.3.29"
},
{
"model": "associates cohesion application configuration manager sp1",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "4.5"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "BID",
"id": "13873"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000866"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-004"
},
{
"db": "NVD",
"id": "CVE-2005-2090"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apache:tomcat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:sun:solaris",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:hp:hp-ux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:webotx_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:cosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_developer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:hitachi:ucosminexus_service",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_framework_suite",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_apworks",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_business_application_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_job_workload_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:fujitsu:interstage_web_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000866"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200507-004"
}
],
"trust": 0.6
},
"cve": "CVE-2005-2090",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2005-2090",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-2090",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#442845",
"trust": 0.8,
"value": "20.75"
},
{
"author": "NVD",
"id": "CVE-2005-2090",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200507-004",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000866"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-004"
},
{
"db": "NVD",
"id": "CVE-2005-2090"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\". A vulnerability in a common PHP extension module could allow a remote attacker to execute code on a vulnerable system. Multiple vendors\u0027 products are prone to HTTP-request-smuggling issues. Attackers can piggyback an HTTP request inside of another HTTP request. By leveraging failures to implement the HTTP/1.1 RFC properly, attackers can launch cache-poisoning, cross-site scripting, session-hijacking, and other attacks. Title: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities\n\n\nCA Advisory Reference: CA20090123-01\n\n\nCA Advisory Date: 2009-01-23\n\n\nReported By: n/a\n\n\nImpact: Refer to the CVE identifiers for details. \n\n\nSummary: Multiple security risks exist in Apache Tomcat as \nincluded with CA Cohesion Application Configuration Manager. CA \nhas issued an update to address the vulnerabilities. Refer to the \nReferences section for the full list of resolved issues by CVE \nidentifier. \n\n\nMitigating Factors: None\n\n\nSeverity: CA has given these vulnerabilities a Medium risk rating. \n\n\nAffected Products:\nCA Cohesion Application Configuration Manager 4.5\n\n\nNon-Affected Products\nCA Cohesion Application Configuration Manager 4.5 SP1\n\n\nAffected Platforms:\nWindows\n\n\nStatus and Recommendation:\nCA has issued the following update to address the vulnerabilities. \n\nCA Cohesion Application Configuration Manager 4.5:\n\nRO04648\nhttps://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search\n\u0026searchID=RO04648\n\n\nHow to determine if you are affected:\n\n1. Using Windows Explorer, locate the file \"RELEASE-NOTES\". \n2. By default, the file is located in the \n \"C:\\Program Files\\CA\\Cohesion\\Server\\server\\\" directory. \n3. Open the file with a text editor. \n4. If the version is less than 5.5.25, the installation is \n vulnerable. \n\n\nWorkaround: None\n\n\nReferences (URLs may wrap):\nCA Support:\nhttp://support.ca.com/\nCA20090123-01: Security Notice for Cohesion Tomcat\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1975\n40\nSolution Document Reference APARs:\nRO04648\nCA Security Response Blog posting:\nCA20090123-01: Cohesion Tomcat Multiple Vulnerabilities\ncommunity.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx\nReported By: \nn/a\nCVE References:\nCVE-2005-2090\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090\nCVE-2005-3510\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510\nCVE-2006-3835\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835\nCVE-2006-7195\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195\nCVE-2006-7196\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196\nCVE-2007-0450\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450\nCVE-2007-1355\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355\nCVE-2007-1358\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358\nCVE-2007-1858\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858\nCVE-2007-2449\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449\nCVE-2007-2450\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450\nCVE-2007-3382\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382\nCVE-2007-3385 *\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385\nCVE-2007-3386\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386\nCVE-2008-0128\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0128\n*Note: the issue was not completely fixed by Tomcat maintainers. \nOSVDB References: Pending\nhttp://osvdb.org/\n\n\nChangelog for this advisory:\nv1.0 - Initial Release\nv1.1 - Updated Impact, Summary, Affected Products\n\n\nCustomers who require additional information should contact CA\nTechnical Support at http://support.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777\n82\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nNucleus XML-RPC PHP Code Execution Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15895\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15895/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nNucleus 3.x\nhttp://secunia.com/product/3699/\n\nDESCRIPTION:\nA vulnerability has been reported in Nucleus, which can be exploited\nby malicious people to compromise a vulnerable system. \n\nFor more information:\nSA15852\n\nSOLUTION:\nUpdate to version 3.21. \nhttp://sourceforge.net/project/showfiles.php?group_id=66479\n\nOTHER REFERENCES:\nSA15852:\nhttp://secunia.com/advisories/15852/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01178795\nVersion: 1\n\nHPSBUX02262 SSRT071447 rev. 1 - HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2007-10-02\nLast Updated: 2007-10-02\n\nPotential Security Impact: Remote arbitrary code execution, cross site scripting (XSS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified with Apache running on HP-UX. The vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) to execute arbitrary code. \n\nReferences: CVE-2005-2090, CVE-2006-5752, CVE-2007-0450, CVE-2007-0774, CVE-2007-1355, CVE-2007-1358, CVE-2007-1860, CVE-2007-1863, CVE-2007-1887, CVE-2007-1900, CVE-2007-2449, CVE-2007-2450, CVE-2007-2756, CVE-2007-2872, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386. \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running Apache\n\nBACKGROUND\nTo determine if a system has an affected version, search the output of \"swlist -a revision -l fileset\" for an affected fileset. Then determine if the recommended patch or update is installed. \n\nAFFECTED VERSIONS \n\nFor IPv4: \nHP-UX B.11.11 \n============= \nhpuxwsAPACHE \naction: install revision A.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nFor IPv6: \nHP-UX B.11.11 \nHP-UX B.11.23 \nHP-UX B.11.31 \n============= \nhpuxwsAPACHE,revision=B.1.0.00.01 \nhpuxwsAPACHE,revision=B.1.0.07.01 \nhpuxwsAPACHE,revision=B.1.0.08.01 \nhpuxwsAPACHE,revision=B.1.0.09.01 \nhpuxwsAPACHE,revision=B.1.0.10.01 \nhpuxwsAPACHE,revision=B.2.0.48.00 \nhpuxwsAPACHE,revision=B.2.0.49.00 \nhpuxwsAPACHE,revision=B.2.0.50.00 \nhpuxwsAPACHE,revision=B.2.0.51.00 \nhpuxwsAPACHE,revision=B.2.0.52.00 \nhpuxwsAPACHE,revision=B.2.0.53.00 \nhpuxwsAPACHE,revision=B.2.0.54.00 \nhpuxwsAPACHE,revision=B.2.0.55.00 \nhpuxwsAPACHE,revision=B.2.0.56.00 \nhpuxwsAPACHE,revision=B.2.0.58.00 \nhpuxwsAPACHE,revision=B.2.0.58.01 \n\naction: install revision B.2.0.59.00 or subsequent \nrestart Apache \nURL: https://www.hp.com/go/softwaredepot/ \n\nEND AFFECTED VERSIONS \n\n\nRESOLUTION\nHP has made the following available to resolve the vulnerability. \nHP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \nThe update is available on https://www.hp.com/go/softwaredepot/ \nNote: HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin contains HP-UX Apache-based Web Server v.2.0.59.00. \n\nMANUAL ACTIONS: Yes - Update \nInstall HP-UX Apache-based Web Server v.2.18 powered by Apache Tomcat Webmin or subsequent. \n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Software Assistant: \nHP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. \nFor more information see: https://www.hp.com/go/swa \n\nHISTORY \nRevision: 1 (rev.1) - 02 October 2007 Initial release \n\nThird Party Security Patches: \nThird party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2007 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBRwVCruAfOvwtKn1ZEQK1YgCfavU7x1Hs59uLdP26lpZFwMxKofIAn3gJ\nHHoe3AY1sc6hrW3Xk+B1hcbr\n=+E1W\n-----END PGP SIGNATURE-----\n. Summary:\n\n Updated Tomcat and Java JRE packages for VirtualCenter 2.0.2, ESX\n Server 3.0.2, and ESX 3.0.1. Relevant releases:\n\n VirtualCenter Management Server 2\n ESX Server 3.0.2 without patch ESX-1002434\n ESX Server 3.0.1 without patch ESX-1003176\n\n3. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the names CVE-2005-2090, CVE-2006-7195, and CVE-2007-0450 to\n these issues. \n\n JRE Security Update\n This release of VirtualCenter Server updates the JRE package from\n 1.5.0_7 to 1.5.0_12, which addresses a security issue that existed in\n the earlier release of JRE. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2007-3004 to this issue. \n\n Security best practices provided by VMware recommend that the\n service console be isolated from the VM network. Please see\n http://www.vmware.com/resources/techresources/726 for more\n information on VMware security best practices. Solution:\n\nPlease review the Patch notes for your product and version and verify\nthe md5sum of your downloaded file. \n\n VMware VirtualCenter 2.0.2 Update 2 Release Notes\n http://www.vmware.com/support/vi3/doc/releasenotes_vc202u2.html\n\n VirtualCenter CD image\n md5sum d7d98a5d7f8afff32cee848f860d3ba7\n\n VirtualCenter as Zip\n md5sum 3b42ec350121659e10352ca2d76e212b\n\n ESX Server 3.0.2\n http://kb.vmware.com/kb/1002434\n md5sum: 2f52251f6ace3d50934344ef313539d5\n\n ESX Server 3.0.1\n http://kb.vmware.com/kb/1003176\n md5sum: 5674ca0dcfac90726014cc316444996e\n\n5. Contact:\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce@lists.vmware.com\n * bugtraq@securityfocus.com\n * full-disclosure@lists.grok.org.uk\n\nE-mail: security@vmware.com\n\nSecurity web site\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2008 VMware Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure)\n\nSeverity: Important\n\nVendor: The Apache Software Foundation\n\nVersions Affected:\n- - Apache Tomcat 8.0.0-RC1\n- - Apache Tomcat 7.0.0 to 7.0.42\n- - Apache Tomcat 6.0.0 to 6.0.37\n\nDescription:\nThe fix for CVE-2005-2090 was not complete. It did not cover the\nfollowing cases:\n- - content-length header with chunked encoding over any HTTP connector\n- - multiple content-length headers over any AJP connector\n\nRequests with multiple content-length headers or with a content-length\nheader when chunked encoding is being used should be rejected as\ninvalid. When multiple components (firewalls, caches, proxies and\nTomcat) process a sequence of requests where one or more requests\ncontain either multiple content-length headers or a content-length\nheader when chunked encoding is being used and several components do not\nreject the request and make different decisions as to which\ncontent-length header to use an attacker can poison a web-cache, perform\nan XSS attack and obtain sensitive information from requests other then\ntheir own. Tomcat now rejects requests with multiple content-length\nheaders or with a content-length header when chunked encoding is being\nused. \n\nMitigation:\nUsers of affected versions should apply one of the following mitigations\n- - Upgrade to Apache Tomcat 8.0.0-RC3 or later\n (8.0.0-RC2 contains the fix but was not released)\n- - Upgrade to Apache Tomcat 7.0.47 or later\n (7.0.43 to 7.0.46 contain the fix but were not released)\n- - Upgrade to Apache Tomcat 6.0.39 or later\n (6.0.38 contains the fix but was not released)\n\nCredit:\nThis issue was identified by the Apache Tomcat security team while\ninvestigating an invalid report related to CVE-2005-2090",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2090"
},
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000866"
},
{
"db": "BID",
"id": "13873"
},
{
"db": "PACKETSTORM",
"id": "74289"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "62402"
},
{
"db": "PACKETSTORM",
"id": "125394"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-2090",
"trust": 3.1
},
{
"db": "BID",
"id": "13873",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1014365",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "30908",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "26660",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "30899",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "29242",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "28365",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "26235",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "33668",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "27037",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-2732",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2009-0233",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2008-0065",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-3087",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-3386",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2008-1979",
"trust": 1.6
},
{
"db": "BID",
"id": "25159",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "15895",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "15810",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15922",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15852",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15855",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15861",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15862",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15872",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15883",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "15884",
"trust": 0.8
},
{
"db": "BID",
"id": "14088",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014327",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#442845",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000866",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200507-004",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "74289",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "38388",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "62402",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125394",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "BID",
"id": "13873"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000866"
},
{
"db": "PACKETSTORM",
"id": "74289"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "62402"
},
{
"db": "PACKETSTORM",
"id": "125394"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-004"
},
{
"db": "NVD",
"id": "CVE-2005-2090"
}
]
},
"id": "VAR-200507-0034",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2024-11-28T21:36:17.621000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fixed in Apache Tomcat 4.1.36",
"trust": 0.8,
"url": "http://tomcat.apache.org/security-4.html"
},
{
"title": "Fixed in Apache Tomcat 5.5.24, 5.0.SVN",
"trust": 0.8,
"url": "http://tomcat.apache.org/security-5.html"
},
{
"title": "Fixed in Apache Tomcat 6.0.11 ",
"trust": 0.8,
"url": "http://tomcat.apache.org/security-6.html"
},
{
"title": "HS08-003",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS08-003/index.html"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01178795"
},
{
"title": "HPSBUX02262",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02262.html"
},
{
"title": "tomcat4 (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=1168"
},
{
"title": "NV09-003",
"trust": 0.8,
"url": "http://www.nec.co.jp/security-info/secinfo/nv09-003.html"
},
{
"title": "RHSA-2007:0327",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2007-0327.html"
},
{
"title": "239312",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239312-1"
},
{
"title": "interstage_as_200703",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/products-fujitsu/solution/interstage_as_200703.html"
},
{
"title": "HS08-003",
"trust": 0.8,
"url": "http://www.hitachi-support.com/security/vuls/HS08-003/index.html"
},
{
"title": "RHSA-2007:0327",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2007-0327J.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000866"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2090"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13873"
},
{
"trust": 1.9,
"url": "http://support.avaya.com/elmodocs2/security/asa-2007-206.htm"
},
{
"trust": 1.9,
"url": "http://www.watchfire.com/resources/http-request-smuggling.pdf"
},
{
"trust": 1.7,
"url": "http://tomcat.apache.org/security-6.html"
},
{
"trust": 1.6,
"url": "http://seclists.org/lists/bugtraq/2005/jun/0025.html"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2009/0233"
},
{
"trust": 1.6,
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"trust": 1.6,
"url": "http://www.securiteam.com/securityreviews/5gp0220g0u.html"
},
{
"trust": 1.6,
"url": "http://tomcat.apache.org/security-5.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2008/1979/references"
},
{
"trust": 1.6,
"url": "http://lists.vmware.com/pipermail/security-announce/2008/000003.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/33668"
},
{
"trust": 1.6,
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/27037"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0360.html"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2008/0065"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/30899"
},
{
"trust": 1.6,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/26660"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/28365"
},
{
"trust": 1.6,
"url": "http://lists.apple.com/archives/security-announce//2007/jul/msg00004.html"
},
{
"trust": 1.6,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10499"
},
{
"trust": 1.6,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/30908"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0261.html"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1014365"
},
{
"trust": 1.6,
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200703e.html"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/archive/1/485938/100/0/threaded"
},
{
"trust": 1.6,
"url": "http://www.redhat.com/support/errata/rhsa-2007-0327.html"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2007/3087"
},
{
"trust": 1.6,
"url": "http://tomcat.apache.org/security-4.html"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/26235"
},
{
"trust": 1.6,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=197540"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/25159"
},
{
"trust": 1.6,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01178795"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/29242"
},
{
"trust": 1.0,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-2090"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15895/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15852/"
},
{
"trust": 0.8,
"url": "http://www.hardened-php.net/advisory-022005.php"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15861/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15862/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15884/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15883/"
},
{
"trust": 0.8,
"url": "http://news.postnuke.com/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=2699"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15855/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15810/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15872/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/15922/"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/jun/1014327.html"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00088-07022005"
},
{
"trust": 0.8,
"url": "http://www.gulftech.org/?node=research\u0026article_id=00087-07012005"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14088"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-2090"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/jul/1014365.html"
},
{
"trust": 0.6,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7006398"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3cdev.tomcat.apache.org%3e"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-2090"
},
{
"trust": 0.3,
"url": "http://www.ietf.org/rfc/rfc2616.txt"
},
{
"trust": 0.3,
"url": "http://download.novell.com/download?buildid=n5vszfht1vs"
},
{
"trust": 0.3,
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23/ca20090123-01-cohesion-tomcat-multiple-vulnerabilities.aspx"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-0327.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2007-1069.html"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0524.html"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-239312-1"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0450"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2449"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1358"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0450"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3386"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2450"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3382"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3385"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7195"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1355"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-7195"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-7196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2450"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0128"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3510"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1858"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3510"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0128"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1358"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-3835"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1355"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1777"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-3835"
},
{
"trust": 0.1,
"url": "http://support.ca.com."
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1858"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3385"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3386"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3382"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/redirarticles?reqpage=search"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-7196"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2449"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3699/"
},
{
"trust": 0.1,
"url": "http://sourceforge.net/project/showfiles.php?group_id=66479"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1863"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/softwaredepot/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0774"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2872"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2756"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-1887"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-5752"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3004"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1003176"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1002434"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3004"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/resources/techresources/726"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/vi3/doc/releasenotes_vc202u2.html"
},
{
"trust": 0.1,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.1,
"url": "http://www.enigmail.net/"
},
{
"trust": 0.1,
"url": "http://tomcat.apache.org/security-8.html"
},
{
"trust": 0.1,
"url": "http://tomcat.apache.org/security-7.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4286"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "BID",
"id": "13873"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000866"
},
{
"db": "PACKETSTORM",
"id": "74289"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "62402"
},
{
"db": "PACKETSTORM",
"id": "125394"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-004"
},
{
"db": "NVD",
"id": "CVE-2005-2090"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#442845"
},
{
"db": "BID",
"id": "13873"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000866"
},
{
"db": "PACKETSTORM",
"id": "74289"
},
{
"db": "PACKETSTORM",
"id": "38388"
},
{
"db": "PACKETSTORM",
"id": "59939"
},
{
"db": "PACKETSTORM",
"id": "62402"
},
{
"db": "PACKETSTORM",
"id": "125394"
},
{
"db": "CNNVD",
"id": "CNNVD-200507-004"
},
{
"db": "NVD",
"id": "CVE-2005-2090"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-07-06T00:00:00",
"db": "CERT/CC",
"id": "VU#442845"
},
{
"date": "2005-06-06T00:00:00",
"db": "BID",
"id": "13873"
},
{
"date": "2007-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000866"
},
{
"date": "2009-01-27T23:27:39",
"db": "PACKETSTORM",
"id": "74289"
},
{
"date": "2005-07-01T23:31:00",
"db": "PACKETSTORM",
"id": "38388"
},
{
"date": "2007-10-10T05:27:27",
"db": "PACKETSTORM",
"id": "59939"
},
{
"date": "2008-01-08T16:58:51",
"db": "PACKETSTORM",
"id": "62402"
},
{
"date": "2014-02-25T18:33:33",
"db": "PACKETSTORM",
"id": "125394"
},
{
"date": "2005-07-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200507-004"
},
{
"date": "2005-07-05T04:00:00",
"db": "NVD",
"id": "CVE-2005-2090"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-03-09T00:00:00",
"db": "CERT/CC",
"id": "VU#442845"
},
{
"date": "2015-03-19T08:16:00",
"db": "BID",
"id": "13873"
},
{
"date": "2009-06-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000866"
},
{
"date": "2019-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200507-004"
},
{
"date": "2024-11-20T23:58:46.657000",
"db": "NVD",
"id": "CVE-2005-2090"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200507-004"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple PHP XML-RPC implementations vulnerable to code injection",
"sources": [
{
"db": "CERT/CC",
"id": "VU#442845"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200507-004"
}
],
"trust": 0.6
}
}
var-200512-0641
Vulnerability from variot
The DNS implementation of DNRD before 2.10 allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products Compressed DNS Messages Denial of Service
SECUNIA ADVISORY ID: SA15472
VERIFY ADVISORY: http://secunia.com/advisories/15472/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/
SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/
DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the DNS implementation during the decompression of compressed DNS messages and can be exploited via a specially crafted DNS packet containing invalid information in the compressed section.
Successful exploitation crashes a vulnerable device or causes it to function abnormally.
The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express
The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.
SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software
PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0641",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.9,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ethereal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tcpdump",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "unity express",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79120"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.1"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.0"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3700"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7325"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73203.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73202.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5903.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5902.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "565"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5603.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5602.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "510"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5073.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5072.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "ata-188",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.18"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "subscriber edge services manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(2)"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
}
],
"trust": 0.9
},
"cve": "CVE-2005-0037",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0037",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0037",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#23495",
"trust": 0.8,
"value": "41.92"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-731",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DNS implementation of DNRD before 2.10 allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error in the DNS implementation\nduring the decompression of compressed DNS messages and can be\nexploited via a specially crafted DNS packet containing invalid\ninformation in the compressed section. \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0037"
},
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13729",
"trust": 2.7
},
{
"db": "NVD",
"id": "CVE-2005-0037",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "25291",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "15472",
"trust": 0.9
},
{
"db": "SECTRACK",
"id": "1014043",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014044",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014045",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014046",
"trust": 0.8
},
{
"db": "BID",
"id": "1165",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#23495",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "37713",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"id": "VAR-200512-0641",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3638431
},
"last_update_date": "2024-11-23T22:04:38.707000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13729"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/25291"
},
{
"trust": 1.6,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 1.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15472/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1165"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014046"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014045"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014044"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014043"
},
{
"trust": 0.8,
"url": "http://www.ethereal.com"
},
{
"trust": 0.8,
"url": "http://www.tcpdump.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2810/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5151/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2268/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2269/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2809/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2005-05-24T00:00:00",
"db": "BID",
"id": "13729"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37713"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13729"
},
{
"date": "2010-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-731"
},
{
"date": "2024-11-20T23:54:16.360000",
"db": "NVD",
"id": "CVE-2005-0037"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-731"
}
],
"trust": 0.9
}
}
var-200412-0018
Vulnerability from variot
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. [CERT/CC VU#887766 See also ] DNS A vulnerability in the protocol implementation has been identified. Depending on the implementation, between servers Query - response A storm may occur. Also, localhost UDP 53 Port is From If a query with is sent, the server may continue to respond to the server itself and resources may be exhausted.Denial of service (denial-of-service, DoS) You can be attacked. Multiple DNS vendors are reported susceptible to a denial of service vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.3,
"vendor": "qbik",
"version": "4.0.1"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.3,
"vendor": "qbik",
"version": "3.0"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.60.1"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.60.0"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.9"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.8"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.7"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.6"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.5"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.4"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.8.05"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.5.31"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.5.30"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.5.29"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.5.28"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.32"
},
{
"model": "dns server",
"scope": "eq",
"trust": 1.0,
"vendor": "pliant",
"version": "*"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.34"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.33"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.40"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.8"
},
{
"model": "2400 video server",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "3.11"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.41"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.32"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.02"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.12"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.30"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.31"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.6"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.40"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.33"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.34"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.41"
},
{
"model": "2400 video server",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "3.12"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.12"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.0,
"vendor": "qbik",
"version": "6.0.1_build_993"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.30"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.32"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.40"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.34"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.31"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.41"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.0"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.12"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.30"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.10.0"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.0,
"vendor": "qbik",
"version": "4.1_beta_a"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.31"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.34"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.9"
},
{
"model": "2460 network dvr",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "3.12"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.01"
},
{
"model": "raidendnsd",
"scope": "eq",
"trust": 1.0,
"vendor": "team johnlong",
"version": "*"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.32"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.31"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.0,
"vendor": "posadis",
"version": "m5pre2"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.40"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.7"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.03"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.41"
},
{
"model": "2401 video server",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "3.12"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.0,
"vendor": "qbik",
"version": "6.0.1_build_995"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.12"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.0,
"vendor": "posadis",
"version": "m5pre1"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.30"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.0,
"vendor": "qbik",
"version": "6.0"
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"model": "johnlong raidendnsd",
"scope": null,
"trust": 0.3,
"vendor": "team",
"version": null
},
{
"model": "wingate build",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.1995"
},
{
"model": "wingate build",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.1993"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.0"
},
{
"model": "wingate beta a",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "4.1"
},
{
"model": "m5pre2",
"scope": null,
"trust": 0.3,
"vendor": "posadis",
"version": null
},
{
"model": "m5pre1",
"scope": null,
"trust": 0.3,
"vendor": "posadis",
"version": null
},
{
"model": "dns server",
"scope": null,
"trust": 0.3,
"vendor": "pliant",
"version": null
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.10.0"
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.9x"
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.8x"
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.7x"
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.6x"
},
{
"model": "communications digital video recorder",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24603.12"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.41"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.40"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.34"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.33"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.32"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.31"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.30"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.12"
},
{
"model": "communications video server",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "2401+3.12"
},
{
"model": "communications video server",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "2400+3.12"
},
{
"model": "communications video server",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "2400+3.11"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.41"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.40"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.34"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.32"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.31"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.30"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.12"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.41"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.40"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.34"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.32"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.31"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.30"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.12"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.41"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.40"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.34"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.33"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.32"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.31"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.30"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.12"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.03"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.02"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.01"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.0"
},
{
"model": "wingate build",
"scope": "ne",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.31005"
},
{
"model": "wingate build",
"scope": "ne",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.21001"
},
{
"model": "wingate build",
"scope": "ne",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.21000"
},
{
"model": "posadis",
"scope": "ne",
"trust": 0.3,
"vendor": "posadis",
"version": "0.60.5"
},
{
"model": "posadis",
"scope": "ne",
"trust": 0.3,
"vendor": "posadis",
"version": "0.60.4"
},
{
"model": "posadis",
"scope": "ne",
"trust": 0.3,
"vendor": "posadis",
"version": "0.60.3"
},
{
"model": "posadis",
"scope": "ne",
"trust": 0.3,
"vendor": "posadis",
"version": "0.60.2"
},
{
"model": "quickdns server",
"scope": "ne",
"trust": 0.3,
"vendor": "men mice",
"version": "3.5.2"
},
{
"model": "quickdns server",
"scope": "ne",
"trust": 0.3,
"vendor": "men mice",
"version": "2.2.3"
},
{
"model": "maradns",
"scope": "ne",
"trust": 0.3,
"vendor": "maradns",
"version": "1.0.23"
},
{
"model": "maradns",
"scope": "ne",
"trust": 0.3,
"vendor": "maradns",
"version": "0.9.01"
},
{
"model": "maradns",
"scope": "ne",
"trust": 0.3,
"vendor": "maradns",
"version": "0.9.00"
},
{
"model": "maradns",
"scope": "ne",
"trust": 0.3,
"vendor": "maradns",
"version": "0.8.99"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.4"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.7"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.6"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.5"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.4"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.0"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.7"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.6"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.5"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.4"
},
{
"model": "bind beta",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.3"
},
{
"model": "bind p7",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p6",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p5",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p4",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.1.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.1.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.11"
},
{
"model": "bind ow2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.10"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.10"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.9"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.8"
},
{
"model": "bind -t1b",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.7"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.7"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.6"
},
{
"model": "bind p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.5"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.5"
},
{
"model": "bind p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.4"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.4"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.8.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.8.2.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.8.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.8"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.11.0"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.10.4"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.10.3"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.10.2"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.10.1"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.17.1"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.16"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.15"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.14"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.13"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.12"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "communications digital video recorder",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "24603.13"
},
{
"model": "communications network camera",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "24202.42"
},
{
"model": "communications video server",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "2401+3.13"
},
{
"model": "communications video server",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "2400+3.13"
},
{
"model": "communications network camera",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "21202.42"
},
{
"model": "communications network camera",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "21102.42"
},
{
"model": "communications network camera",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "21002.42"
}
],
"sources": [
{
"db": "BID",
"id": "11642"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:misc:multiple_vendors",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roy Arends and Jakob Schlyter are credited on the NISCC advisory. The original discoverer of this vulnerability is unknown at this time.",
"sources": [
{
"db": "BID",
"id": "11642"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
],
"trust": 0.9
},
"cve": "CVE-2004-0789",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-0789",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-9219",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-0789",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2004-0789",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-718",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9219",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9219"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. [CERT/CC VU#887766 See also ] DNS A vulnerability in the protocol implementation has been identified. Depending on the implementation, between servers Query - response A storm may occur. Also, localhost UDP 53 Port is From If a query with is sent, the server may continue to respond to the server itself and resources may be exhausted.Denial of service (denial-of-service, DoS) You can be attacked. Multiple DNS vendors are reported susceptible to a denial of service vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0789"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "BID",
"id": "11642"
},
{
"db": "VULHUB",
"id": "VHN-9219"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0789",
"trust": 2.8
},
{
"db": "BID",
"id": "11642",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "13145",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1012157",
"trust": 1.1
},
{
"db": "XF",
"id": "17996",
"trust": 0.8
},
{
"db": "XF",
"id": "17997",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-9219",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9219"
},
{
"db": "BID",
"id": "11642"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"id": "VAR-200412-0018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9219"
}
],
"trust": 0.01
},
"last_update_date": "2024-08-14T13:40:17.853000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/11642"
},
{
"trust": 1.1,
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"trust": 1.1,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"trust": 1.1,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
},
{
"trust": 1.1,
"url": "http://securitytracker.com/id?1012157"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/13145"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0789"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/17997"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/17996"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-758884/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2004-0789"
},
{
"trust": 0.3,
"url": "http://www.se.axis.com/techsup/cdsrv/storpoint_cd/index.html"
},
{
"trust": 0.3,
"url": "http://www.delegate.org/delegate/"
},
{
"trust": 0.3,
"url": "http://www.delegate.org/mail-lists/delegate-en/2753"
},
{
"trust": 0.3,
"url": "http://www.maradns.org/"
},
{
"trust": 0.3,
"url": "http://mydns.bboy.net/"
},
{
"trust": 0.3,
"url": "http://mydns.bboy.net/download/changelog.html"
},
{
"trust": 0.3,
"url": "http://www.axis.com/products/camera_servers/index.htm"
},
{
"trust": 0.3,
"url": "http://www.uniras.gov.uk/vuls/2004/758884/index.htm"
},
{
"trust": 0.3,
"url": "http://pliant.cx/pliant/protocol/dns/"
},
{
"trust": 0.3,
"url": "http://posadis.sourceforge.net/"
},
{
"trust": 0.3,
"url": "http://www.posadis.org/security/pos_adv_006.txt"
},
{
"trust": 0.3,
"url": "http://wingate.deerfield.com"
},
{
"trust": 0.3,
"url": "/archive/1/381612"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9219"
},
{
"db": "BID",
"id": "11642"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9219"
},
{
"db": "BID",
"id": "11642"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-9219"
},
{
"date": "2004-11-09T00:00:00",
"db": "BID",
"id": "11642"
},
{
"date": "2009-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-718"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9219"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11642"
},
{
"date": "2009-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"date": "2006-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-718"
},
{
"date": "2017-07-11T01:30:28.667000",
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS Vulnerability in protocol implementation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "11642"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
],
"trust": 0.9
}
}
var-200512-0639
Vulnerability from variot
The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: Cisco Various Products Compressed DNS Messages Denial of Service
SECUNIA ADVISORY ID: SA15472
VERIFY ADVISORY: http://secunia.com/advisories/15472/
CRITICAL: Less critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/
SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/
DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the DNS implementation during the decompression of compressed DNS messages and can be exploited via a specially crafted DNS packet containing invalid information in the compressed section.
Successful exploitation crashes a vulnerable device or causes it to function abnormally.
The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express
The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.
SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software
PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0639",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "powerdns",
"scope": "eq",
"trust": 1.9,
"vendor": "powerdns",
"version": "2.9.15"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.4"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.5"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.6"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.14"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.8"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.3a"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.7"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.6,
"vendor": "powerdns",
"version": "2.9.2"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.3,
"vendor": "powerdns",
"version": "2.8"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.12"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.13"
},
{
"model": "powerdns",
"scope": "lte",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.10"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.0"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.0_rc1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.11"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 1.0,
"vendor": "powerdns",
"version": "2.9.1"
},
{
"model": "powerdns",
"scope": "eq",
"trust": 0.9,
"vendor": "powerdns",
"version": "2.9.16"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ethereal",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tcpdump",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 0.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 0.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "unity express",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "subscriber edge services manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79120"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7905"
},
{
"model": "ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7902"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4450"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.1"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "44304.0"
},
{
"model": "content router",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4430"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3700"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3600"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2800"
},
{
"model": "content engine module for cisco router series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2600"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7325"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73204.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73203.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "73202.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7320"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5904.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5903.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5902.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "590"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "565"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5604.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5603.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5602.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "560"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "510"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5074.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5073.1"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5072.2.0"
},
{
"model": "content engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "507"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4670"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46504.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4650"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.1"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "46304.0"
},
{
"model": "content distribution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4630"
},
{
"model": "ata-188",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ata-186",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.3.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.1.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.13.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.11.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.17.6"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.5"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.11"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.9"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.3"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "application \u0026 content networking software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "powerdns",
"scope": "ne",
"trust": 0.3,
"vendor": "powerdns",
"version": "2.9.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.18"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11.1"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.6"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.5"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.4"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.10.3"
},
{
"model": "subscriber edge services manager",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(2)"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.3"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "application \u0026 content networking software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1.15"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
}
],
"trust": 0.9
},
"cve": "CVE-2005-0038",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-0038",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-0038",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#23495",
"trust": 0.8,
"value": "41.92"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-776",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error in the DNS implementation\nduring the decompression of compressed DNS messages and can be\nexploited via a specially crafted DNS packet containing invalid\ninformation in the compressed section. \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0038"
},
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13729",
"trust": 2.7
},
{
"db": "NVD",
"id": "CVE-2005-0038",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "25291",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "15472",
"trust": 0.9
},
{
"db": "SECTRACK",
"id": "1014043",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014044",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014045",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014046",
"trust": 0.8
},
{
"db": "BID",
"id": "1165",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#23495",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "37713",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"id": "VAR-200512-0639",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3638431
},
"last_update_date": "2024-11-23T22:04:38.637000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/13729"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/25291"
},
{
"trust": 1.6,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"trust": 1.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/15472/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/1165"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014046"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014045"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014044"
},
{
"trust": 0.8,
"url": "http://www.securitytracker.com/id?1014043"
},
{
"trust": 0.8,
"url": "http://www.ethereal.com"
},
{
"trust": 0.8,
"url": "http://www.tcpdump.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2810/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5151/"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2268/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2269/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2809/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#23495"
},
{
"db": "BID",
"id": "13729"
},
{
"db": "PACKETSTORM",
"id": "37713"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2005-05-24T00:00:00",
"db": "BID",
"id": "13729"
},
{
"date": "2005-05-29T20:22:44",
"db": "PACKETSTORM",
"id": "37713"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#23495"
},
{
"date": "2016-07-06T14:40:00",
"db": "BID",
"id": "13729"
},
{
"date": "2010-06-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-776"
},
{
"date": "2024-11-20T23:54:16.503000",
"db": "NVD",
"id": "CVE-2005-0038"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
"sources": [
{
"db": "CERT/CC",
"id": "VU#23495"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "13729"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-776"
}
],
"trust": 0.9
}
}
CVE-2005-0861 (GCVE-0-2005-0861)
Vulnerability from cvelistv5
Published
2005-03-24 05:00
Modified
2024-08-07 21:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service or execute arbitrary code, possibly due to "overflows on arrays."
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/14649 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.delegate.org/mail-lists/delegate-en/2840 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/19775 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:28.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "14649",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14649"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.delegate.org/mail-lists/delegate-en/2840"
},
{
"name": "delegate-bo(19775)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19775"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service or execute arbitrary code, possibly due to \"overflows on arrays.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "14649",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14649"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.delegate.org/mail-lists/delegate-en/2840"
},
{
"name": "delegate-bo(19775)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19775"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0861",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service or execute arbitrary code, possibly due to \"overflows on arrays.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14649",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14649"
},
{
"name": "http://www.delegate.org/mail-lists/delegate-en/2840",
"refsource": "MISC",
"url": "http://www.delegate.org/mail-lists/delegate-en/2840"
},
{
"name": "delegate-bo(19775)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19775"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0861",
"datePublished": "2005-03-24T05:00:00",
"dateReserved": "2005-03-25T00:00:00",
"dateUpdated": "2024-08-07T21:28:28.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1202 (GCVE-0-2001-1202)
Vulnerability from cvelistv5
Published
2002-03-15 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/3749 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=100956050432351&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.iss.net/security_center/static/7745.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:08.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3749",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3749"
},
{
"name": "20011228 DeleGate Cross Site Scripting Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100956050432351\u0026w=2"
},
{
"name": "delegate-proxy-css(7745)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7745.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a \"403 Forbidden\" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3749",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3749"
},
{
"name": "20011228 DeleGate Cross Site Scripting Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100956050432351\u0026w=2"
},
{
"name": "delegate-proxy-css(7745)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7745.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a \"403 Forbidden\" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3749",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3749"
},
{
"name": "20011228 DeleGate Cross Site Scripting Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=100956050432351\u0026w=2"
},
{
"name": "delegate-proxy-css(7745)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7745.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1202",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T04:44:08.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2003 (GCVE-0-2004-2003)
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 01:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/11569 | third-party-advisory, x_refsource_SECUNIA | |
| http://marc.info/?l=bugtraq&m=108386181021070&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/5945 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/10295 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16078 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11569",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11569"
},
{
"name": "20040506 [0xbadc0ded #03] DeleGate (SSL-filter) \u003c= 8.9.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108386181021070\u0026w=2"
},
{
"name": "5945",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5945"
},
{
"name": "10295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10295"
},
{
"name": "delegate-sslway-bo(16078)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16078"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11569",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11569"
},
{
"name": "20040506 [0xbadc0ded #03] DeleGate (SSL-filter) \u003c= 8.9.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108386181021070\u0026w=2"
},
{
"name": "5945",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5945"
},
{
"name": "10295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10295"
},
{
"name": "delegate-sslway-bo(16078)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16078"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11569",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11569"
},
{
"name": "20040506 [0xbadc0ded #03] DeleGate (SSL-filter) \u003c= 8.9.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108386181021070\u0026w=2"
},
{
"name": "5945",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5945"
},
{
"name": "10295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10295"
},
{
"name": "delegate-sslway-bo(16078)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16078"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2003",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:15:01.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0789 (GCVE-0-2004-0789)
Vulnerability from cvelistv5
Published
2005-09-01 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/13145 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17997 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1012157 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/11642 | vdb-entry, x_refsource_BID | |
| http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en | x_refsource_MISC | |
| http://www.posadis.org/advisories/pos_adv_006.txt | x_refsource_CONFIRM | |
| http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13145"
},
{
"name": "dns-localhost-dos(17997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"name": "1012157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"name": "11642",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13145"
},
{
"name": "dns-localhost-dos(17997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"name": "1012157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"name": "11642",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13145",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13145"
},
{
"name": "dns-localhost-dos(17997)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"name": "1012157",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012157"
},
{
"name": "11642",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11642"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"name": "http://www.posadis.org/advisories/pos_adv_006.txt",
"refsource": "CONFIRM",
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0789",
"datePublished": "2005-09-01T04:00:00",
"dateReserved": "2004-08-17T00:00:00",
"dateUpdated": "2024-08-08T00:31:46.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7556 (GCVE-0-2015-7556)
Vulnerability from cvelistv5
Published
2020-01-15 14:57
Modified
2024-08-06 07:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Other
Summary
DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vapidlabs.com/advisory.php?v=159 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2015/Dec/123 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| National Institute of Advanced Industrial Science and Technology | DeleGate |
Version: 9.9.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:28.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=159"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Dec/123"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DeleGate",
"vendor": "National Institute of Advanced Industrial Science and Technology",
"versions": [
{
"status": "affected",
"version": "9.9.13"
}
]
}
],
"datePublic": "2015-12-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-15T14:57:54",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=159"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Dec/123"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-7556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DeleGate",
"version": {
"version_data": [
{
"version_value": "9.9.13"
}
]
}
}
]
},
"vendor_name": "National Institute of Advanced Industrial Science and Technology"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vapidlabs.com/advisory.php?v=159",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=159"
},
{
"name": "http://seclists.org/fulldisclosure/2015/Dec/123",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2015/Dec/123"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-7556",
"datePublished": "2020-01-15T14:57:54",
"dateReserved": "2015-09-29T00:00:00",
"dateUpdated": "2024-08-06T07:51:28.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1338 (GCVE-0-1999-1338)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=93259112204664&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990721 Delegate creates directories writable for anyone",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93259112204664\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-07-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990721 Delegate creates directories writable for anyone",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93259112204664\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990721 Delegate creates directories writable for anyone",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=93259112204664\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1338",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0036 (GCVE-0-2005-0036)
Vulnerability from cvelistv5
Published
2006-04-28 01:00
Modified
2024-08-07 20:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/13729 | vdb-entry, x_refsource_BID | |
| http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en | x_refsource_MISC | |
| http://www.osvdb.org/25291 | vdb-entry, x_refsource_OSVDB | |
| http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:41.176Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13729"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"name": "25291",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25291"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-06-05T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13729"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"name": "25291",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25291"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13729"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
},
{
"name": "25291",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25291"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0036",
"datePublished": "2006-04-28T01:00:00",
"dateReserved": "2005-01-07T00:00:00",
"dateUpdated": "2024-08-07T20:57:41.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1781 (GCVE-0-2002-1781)
Vulnerability from cvelistv5
Published
2005-06-21 04:00
Modified
2024-08-08 03:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.globalintersec.com/adv/delegate-2002012101.txt | x_refsource_MISC | |
| http://online.securityfocus.com/archive/1/256117 | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/bugtraq/2002-02/0051.html | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/8114 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/4055 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.globalintersec.com/adv/delegate-2002012101.txt"
},
{
"name": "20020212 Re: [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/256117"
},
{
"name": "20020207 [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-02/0051.html"
},
{
"name": "delegate-proxy-pop-bo(8114)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8114"
},
{
"name": "4055",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4055"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.globalintersec.com/adv/delegate-2002012101.txt"
},
{
"name": "20020212 Re: [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/256117"
},
{
"name": "20020207 [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-02/0051.html"
},
{
"name": "delegate-proxy-pop-bo(8114)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8114"
},
{
"name": "4055",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4055"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1781",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.globalintersec.com/adv/delegate-2002012101.txt",
"refsource": "MISC",
"url": "http://www.globalintersec.com/adv/delegate-2002012101.txt"
},
{
"name": "20020212 Re: [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/256117"
},
{
"name": "20020207 [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-02/0051.html"
},
{
"name": "delegate-proxy-pop-bo(8114)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8114"
},
{
"name": "4055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4055"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1781",
"datePublished": "2005-06-21T04:00:00",
"dateReserved": "2005-06-21T00:00:00",
"dateUpdated": "2024-08-08T03:34:56.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2072 (GCVE-0-2006-2072)
Vulnerability from cvelistv5
Published
2006-04-27 22:00
Modified
2024-08-07 17:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26081 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/955777 | third-party-advisory, x_refsource_CERT-VN | |
| http://securitytracker.com/id?1015991 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/19750 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2006/1505 | vdb-entry, x_refsource_VUPEN | |
| http://www.vupen.com/english/advisories/2006/1506 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/17691 | vdb-entry, x_refsource_BID | |
| http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en | x_refsource_MISC | |
| http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:35:31.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "dns-improper-request-handling(26081)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081"
},
{
"name": "VU#955777",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/955777"
},
{
"name": "1015991",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015991"
},
{
"name": "19750",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19750"
},
{
"name": "ADV-2006-1505",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1505"
},
{
"name": "ADV-2006-1506",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1506"
},
{
"name": "17691",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17691"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "dns-improper-request-handling(26081)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081"
},
{
"name": "VU#955777",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/955777"
},
{
"name": "1015991",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015991"
},
{
"name": "19750",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19750"
},
{
"name": "ADV-2006-1505",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1505"
},
{
"name": "ADV-2006-1506",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1506"
},
{
"name": "17691",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17691"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "dns-improper-request-handling(26081)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081"
},
{
"name": "VU#955777",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/955777"
},
{
"name": "1015991",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015991"
},
{
"name": "19750",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19750"
},
{
"name": "ADV-2006-1505",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1505"
},
{
"name": "ADV-2006-1506",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1506"
},
{
"name": "17691",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17691"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2072",
"datePublished": "2006-04-27T22:00:00",
"dateReserved": "2006-04-27T00:00:00",
"dateUpdated": "2024-08-07T17:35:31.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}