cvelistv5 - cve-2005-0038

CVE-2005-0038 (GCVE-0-2005-0038)

Vulnerability from cvelistv5

Published

2006-04-28 01:00

Modified

2024-08-07 20:57

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

var-200512-0639

Vulnerability from variot

The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.

Bist Du interessiert an einem neuen Job in IT-Sicherheit?

Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/

TITLE: Cisco Various Products Compressed DNS Messages Denial of Service

SECUNIA ADVISORY ID: SA15472

VERIFY ADVISORY: http://secunia.com/advisories/15472/

CRITICAL: Less critical

IMPACT: DoS

WHERE:

From remote

OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/

SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/

DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the DNS implementation during the decompression of compressed DNS messages and can be exploited via a specially crafted DNS packet containing invalid information in the compressed section.

Successful exploitation crashes a vulnerable device or causes it to function abnormally.

The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express

The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.

SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software

PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.

ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml

NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200512-0639",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "powerdns",
        "version": "2.9.15"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "powerdns",
        "version": "2.9.4"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "powerdns",
        "version": "2.9.5"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "powerdns",
        "version": "2.9.6"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "powerdns",
        "version": "2.9.14"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "powerdns",
        "version": "2.9.8"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "powerdns",
        "version": "2.9.3a"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "powerdns",
        "version": "2.9.7"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "powerdns",
        "version": "2.9.2"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "powerdns",
        "version": "2.8"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "powerdns",
        "version": "2.9.12"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "powerdns",
        "version": "2.9.13"
      },
      {
        "model": "powerdns",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "powerdns",
        "version": "2.9.16"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "powerdns",
        "version": "2.9.10"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "powerdns",
        "version": "2.9.0"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "powerdns",
        "version": "2.0_rc1"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "powerdns",
        "version": "2.9.11"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "powerdns",
        "version": "2.9.1"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "powerdns",
        "version": "2.9.16"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ethereal",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "tcpdump",
        "version": null
      },
      {
        "model": "application \u0026 content networking software",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rc1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "powerdns",
        "version": "2.0"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.10"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.9"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.8"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.7"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.6"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.5"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.4"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.3"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.2"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.1"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.0"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.4"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.3"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.2"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.1"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.0"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.2"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.1"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.6"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.5"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.4"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.3"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.2"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.1"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.5.0"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.4.0"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.3.4"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.3.3"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.9.11"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.8.2"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.8.1"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.8.0"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.7.1"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.7.0"
      },
      {
        "model": "unity express",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "subscriber edge services manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(1)"
      },
      {
        "model": "subscriber edge services manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2(2)"
      },
      {
        "model": "subscriber edge services manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2(1)"
      },
      {
        "model": "ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "79120"
      },
      {
        "model": "ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7905"
      },
      {
        "model": "ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7902"
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4450"
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "44304.1"
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "44304.0"
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4430"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3800"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3700"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3600"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2800"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2600"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7325"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "73204.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "73204.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "73203.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "73202.2.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7320"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5904.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5904.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5903.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5902.2.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "590"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "565"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5604.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5604.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5603.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5602.2.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "560"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "510"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5074.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5074.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5073.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5072.2.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "507"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4670"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "46504.1"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "46504.0"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4650"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "46304.1"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "46304.0"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4630"
      },
      {
        "model": "ata-188",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ata-186",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2.3.9"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2.1.7"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1.13.7"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1.11.6"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.17.6"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.5"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.3"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.1"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.11"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.9"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.7"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1.3"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1.1"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.3"
      },
      {
        "model": "powerdns",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "powerdns",
        "version": "2.9.17"
      },
      {
        "model": "dnrd",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.18"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.11.1"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.11"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.6"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.5"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.4"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.3"
      },
      {
        "model": "subscriber edge services manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(2)"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.3.3"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2.7"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1.15"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-0038"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
    "sources": [
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2005-0038",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2005-0038",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2005-0038",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#23495",
            "trust": 0.8,
            "value": "41.92"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200512-776",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-0038"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error in the DNS implementation\nduring the decompression of compressed DNS messages and can be\nexploited via a specially crafted DNS packet containing invalid\ninformation in the compressed section. \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-0038"
      },
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "PACKETSTORM",
        "id": "37713"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "13729",
        "trust": 2.7
      },
      {
        "db": "NVD",
        "id": "CVE-2005-0038",
        "trust": 1.9
      },
      {
        "db": "OSVDB",
        "id": "25291",
        "trust": 1.6
      },
      {
        "db": "SECUNIA",
        "id": "15472",
        "trust": 0.9
      },
      {
        "db": "SECTRACK",
        "id": "1014043",
        "trust": 0.8
      },
      {
        "db": "SECTRACK",
        "id": "1014044",
        "trust": 0.8
      },
      {
        "db": "SECTRACK",
        "id": "1014045",
        "trust": 0.8
      },
      {
        "db": "SECTRACK",
        "id": "1014046",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "1165",
        "trust": 0.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#23495",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-776",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "37713",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "PACKETSTORM",
        "id": "37713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-0038"
      }
    ]
  },
  "id": "VAR-200512-0639",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.3638431
  },
  "last_update_date": "2024-11-23T22:04:38.637000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-0038"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
      },
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/13729"
      },
      {
        "trust": 1.6,
        "url": "http://www.osvdb.org/25291"
      },
      {
        "trust": 1.6,
        "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
      },
      {
        "trust": 1.2,
        "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/15472/"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/1165"
      },
      {
        "trust": 0.8,
        "url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1014046"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1014045"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1014044"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1014043"
      },
      {
        "trust": 0.8,
        "url": "http://www.ethereal.com"
      },
      {
        "trust": 0.8,
        "url": "http://www.tcpdump.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2810/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5151/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_vacancies/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2268/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2269/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2809/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "PACKETSTORM",
        "id": "37713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-0038"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "PACKETSTORM",
        "id": "37713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-0038"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2001-06-18T00:00:00",
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "date": "2005-05-24T00:00:00",
        "db": "BID",
        "id": "13729"
      },
      {
        "date": "2005-05-29T20:22:44",
        "db": "PACKETSTORM",
        "id": "37713"
      },
      {
        "date": "2005-12-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      },
      {
        "date": "2005-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2005-0038"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-11-15T00:00:00",
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "date": "2016-07-06T14:40:00",
        "db": "BID",
        "id": "13729"
      },
      {
        "date": "2010-06-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      },
      {
        "date": "2024-11-20T23:54:16.503000",
        "db": "NVD",
        "id": "CVE-2005-0038"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-776"
      }
    ],
    "trust": 0.9
  }
}

fkie_cve-2005-0038

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2025-04-03 01:03

Severity ?

Summary

References

	URL	Tags
	cve@mitre.org	http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
	cve@mitre.org	http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en
	cve@mitre.org	http://www.osvdb.org/25291
	cve@mitre.org	http://www.securityfocus.com/bid/13729
	af854a3a-2127-422b-91ae-364da2661108	http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en
	af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/25291
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/13729

Impacted products

Vendor	Product	Version
powerdns	powerdns	*
powerdns	powerdns	2.0_rc1
powerdns	powerdns	2.8
powerdns	powerdns	2.9.0
powerdns	powerdns	2.9.1
powerdns	powerdns	2.9.2
powerdns	powerdns	2.9.3a
powerdns	powerdns	2.9.4
powerdns	powerdns	2.9.5
powerdns	powerdns	2.9.6
powerdns	powerdns	2.9.7
powerdns	powerdns	2.9.8
powerdns	powerdns	2.9.10
powerdns	powerdns	2.9.11
powerdns	powerdns	2.9.12
powerdns	powerdns	2.9.13
powerdns	powerdns	2.9.14
powerdns	powerdns	2.9.15

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33D4F84E-71E7-4D95-B0FF-D7254322F3A3",
              "versionEndIncluding": "2.9.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.0_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8A0122-81ED-4951-BE34-9E8240FD297C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AC7BEE9-06FF-487D-B77D-5F05AA5C6324",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C1E89A2-4993-4208-B67F-52B08A6F1BDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B340CA64-2358-46E6-8F65-725B6ACE77D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ADBB8B1-C732-49BA-9270-F5551A9E2D0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "80C62126-2E61-4532-BFA2-D66FCCC8C9E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4472A3D7-8E17-4D80-AA2D-724C74EEF9E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "07CDE603-2A52-4C6F-B6A3-563D516BB4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC3E5668-9B66-4C80-8C38-6FF01C342182",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB793844-A30A-4F97-954B-690083E77430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B636157B-E627-4EF1-B6C2-640648C001D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EEA40F-CD68-4AE9-A305-402BFBEEA23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "40FFBCCC-3595-4148-A3CD-28FD390FB786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B7722F1-D913-42A0-93EA-48140F47F221",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E26E04-71AA-4A00-B0EE-9A04A63ADBBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A413F4D-123A-4AA6-A097-9900F9B39817",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F03070D-C76A-4A31-AA0C-E32442EBE83B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop."
    }
  ],
  "id": "CVE-2005-0038",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/25291"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/13729"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/25291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/13729"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-mh6v-rgfm-g694

Vulnerability from github

Published

2022-05-01 01:46

Modified

2022-05-01 01:46

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-0038"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-12-31T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.",
  "id": "GHSA-mh6v-rgfm-g694",
  "modified": "2022-05-01T01:46:52Z",
  "published": "2022-05-01T01:46:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0038"
    },
    {
      "type": "WEB",
      "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
    },
    {
      "type": "WEB",
      "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/25291"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/13729"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2005-0038

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2005-0038

Aliases

CVE-2005-0038

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-0038",
    "description": "The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.",
    "id": "GSD-2005-0038",
    "references": [
      "https://www.suse.com/security/cve/CVE-2005-0038.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-0038"
      ],
      "details": "The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.",
      "id": "GSD-2005-0038",
      "modified": "2023-12-13T01:20:08.574977Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-0038",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "13729",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/13729"
          },
          {
            "name": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en",
            "refsource": "MISC",
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
          },
          {
            "name": "25291",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/25291"
          },
          {
            "name": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html",
            "refsource": "MISC",
            "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.0_rc1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.3a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:2.9.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:powerdns:powerdns:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.9.16",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0038"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
            },
            {
              "name": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
            },
            {
              "name": "13729",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/13729"
            },
            {
              "name": "25291",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/25291"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2008-09-05T20:45Z",
      "publishedDate": "2005-12-31T05:00Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2005-0038 (GCVE-0-2005-0038)

Vulnerability from cvelistv5

var-200512-0639

Vulnerability from variot

fkie_cve-2005-0038

Vulnerability from fkie_nvd

ghsa-mh6v-rgfm-g694

Vulnerability from github

gsd-2005-0038

Vulnerability from gsd

Tags

Sightings

Nomenclature