cvelistv5 - cve-2005-4794

URL	Tags
cve@mitre.org	http://secunia.com/advisories/15472	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1014043
cve@mitre.org	http://securitytracker.com/id?1014044
cve@mitre.org	http://securitytracker.com/id?1014045
cve@mitre.org	http://securitytracker.com/id?1014046
cve@mitre.org	http://securitytracker.com/id?1015975
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
cve@mitre.org	http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
cve@mitre.org	http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en
cve@mitre.org	http://www.osvdb.org/19003
cve@mitre.org	http://www.securityfocus.com/bid/13729
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/20712
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/15472	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1014043
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1014044
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1014045
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1014046
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015975
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html
af854a3a-2127-422b-91ae-364da2661108	http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/19003
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/13729
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/20712

var-200512-0860

Vulnerability from variot

Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. This issue arises when an affected application handles a specially crafted DNS message. A successful attack would crash the affected client or server.

Bist Du interessiert an einem neuen Job in IT-Sicherheit?

Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/

TITLE: Cisco Various Products Compressed DNS Messages Denial of Service

SECUNIA ADVISORY ID: SA15472

VERIFY ADVISORY: http://secunia.com/advisories/15472/

CRITICAL: Less critical

IMPACT: DoS

WHERE:

From remote

OPERATING SYSTEM: Cisco ATA 180 Series Analog Telephone Adaptors http://secunia.com/product/2810/

SOFTWARE: Cisco IP Phone 7900 Series http://secunia.com/product/2809/ Cisco ACNS Software Version 5.x http://secunia.com/product/2268/ Cisco ACNS Software Version 4.x http://secunia.com/product/2269/ Cisco Unity Express 2.x http://secunia.com/product/5151/

DESCRIPTION: A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the DNS implementation during the decompression of compressed DNS messages and can be exploited via a specially crafted DNS packet containing invalid information in the compressed section.

Successful exploitation crashes a vulnerable device or causes it to function abnormally.

The vulnerability affects the following products: * Cisco IP Phones 7902/7905/7912 * Cisco ATA (Analog Telephone Adaptor) 186/188 * Cisco Unity Express

The following Cisco ACNS (Application and Content Networking System) devices are also affected: * Cisco 500 Series Content Engines * Cisco 7300 Series Content Engines * Cisco Content Routers 4400 series * Cisco Content Distribution Manager 4600 series * Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and 3800 series Integrated Service Routers.

SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software

PROVIDED AND/OR DISCOVERED BY: NISCC credits Dr. Steve Beaty.

ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml

NISCC: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200512-0860",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ata",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "188"
      },
      {
        "model": "ata",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "186"
      },
      {
        "model": "subscriber edge services manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "unity express",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "ip phone 7912",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "ip phone 7902",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "ip phone 7905",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "application and content networking software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "unity express",
        "scope": null,
        "trust": 0.9,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "ethereal",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "tcpdump",
        "version": null
      },
      {
        "model": "application \u0026 content networking software",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "subscriber edge services manager",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ip phone 7902",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "application and content networking software",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ip phone 7905",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ip phone 7912",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "powerdns",
        "version": "2.9.16"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "powerdns",
        "version": "2.9.15"
      },
      {
        "model": "powerdns",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "powerdns",
        "version": "2.8"
      },
      {
        "model": "rc1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "powerdns",
        "version": "2.0"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.10"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.9"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.8"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.7"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.6"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.5"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.4"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.3"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.2"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.1"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.0"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.4"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.3"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.2"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.1"
      },
      {
        "model": "dnrd",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "1.0"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.2"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.1"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.6"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.5"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.4"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.3"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.2"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9.1"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.9"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.5.0"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.4.0"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.3.4"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.3.3"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.9.11"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.8.2"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.8.1"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.8.0"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.7.1"
      },
      {
        "model": "delegate",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "7.7.0"
      },
      {
        "model": "subscriber edge services manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(1)"
      },
      {
        "model": "subscriber edge services manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2(2)"
      },
      {
        "model": "subscriber edge services manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2(1)"
      },
      {
        "model": "ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "79120"
      },
      {
        "model": "ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7905"
      },
      {
        "model": "ip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7902"
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4450"
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "44304.1"
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "44304.0"
      },
      {
        "model": "content router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4430"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3800"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3700"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3600"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2800"
      },
      {
        "model": "content engine module for cisco router series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2600"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7325"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "73204.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "73204.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "73203.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "73202.2.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7320"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5904.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5904.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5903.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5902.2.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "590"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "565"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5604.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5604.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5603.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5602.2.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "560"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "510"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5074.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5074.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5073.1"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5072.2.0"
      },
      {
        "model": "content engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "507"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4670"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "46504.1"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "46504.0"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4650"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "46304.1"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "46304.0"
      },
      {
        "model": "content distribution manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4630"
      },
      {
        "model": "ata-188",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ata-186",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2.3.9"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2.1.7"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1.13.7"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1.11.6"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.17.6"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.5"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.3"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0.1"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.11"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.9"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.7"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1.3"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1.1"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0.3"
      },
      {
        "model": "powerdns",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "powerdns",
        "version": "2.9.17"
      },
      {
        "model": "dnrd",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "dnrd",
        "version": "2.18"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.11.1"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.11"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.6"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.5"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.4"
      },
      {
        "model": "delegate",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "delegate",
        "version": "8.10.3"
      },
      {
        "model": "subscriber edge services manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(2)"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.3.3"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.2.7"
      },
      {
        "model": "application \u0026 content networking software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1.15"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-4794"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovered by Dr. Steve Beaty from the Department of Mathematical and Computer Sciences at the Metropolitan State College of Denver.",
    "sources": [
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2005-4794",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2005-4794",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-16002",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2005-4794",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#23495",
            "trust": 0.8,
            "value": "41.92"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200512-642",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-16002",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "VULHUB",
        "id": "VHN-16002"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-4794"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients. \nThis issue arises when an affected application handles a specially crafted DNS message. \nA successful attack would crash the affected client or server. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Various Products Compressed DNS Messages Denial of Service\n\nSECUNIA ADVISORY ID:\nSA15472\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15472/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCisco ATA 180 Series Analog Telephone Adaptors\nhttp://secunia.com/product/2810/\n\nSOFTWARE:\nCisco IP Phone 7900 Series\nhttp://secunia.com/product/2809/\nCisco ACNS Software Version 5.x\nhttp://secunia.com/product/2268/\nCisco ACNS Software Version 4.x\nhttp://secunia.com/product/2269/\nCisco Unity Express 2.x\nhttp://secunia.com/product/5151/\n\nDESCRIPTION:\nA vulnerability has been reported in various Cisco products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\nThe vulnerability is caused due to an error in the DNS implementation\nduring the decompression of compressed DNS messages and can be\nexploited via a specially crafted DNS packet containing invalid\ninformation in the compressed section. \n\nSuccessful exploitation crashes a vulnerable device or causes it to\nfunction abnormally. \n\nThe vulnerability affects the following products:\n* Cisco IP Phones 7902/7905/7912\n* Cisco ATA (Analog Telephone Adaptor) 186/188\n* Cisco Unity Express\n\nThe following Cisco ACNS (Application and Content Networking System)\ndevices are also affected:\n* Cisco 500 Series Content Engines\n* Cisco 7300 Series Content Engines\n* Cisco Content Routers 4400 series\n* Cisco Content Distribution Manager 4600 series\n* Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and\n3800 series Integrated Service Routers. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nNISCC credits Dr. Steve Beaty. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml\n\nNISCC:\nhttp://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-4794"
      },
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "VULHUB",
        "id": "VHN-16002"
      },
      {
        "db": "PACKETSTORM",
        "id": "37713"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "13729",
        "trust": 2.8
      },
      {
        "db": "SECUNIA",
        "id": "15472",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1014043",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1014044",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1014045",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1014046",
        "trust": 2.5
      },
      {
        "db": "NVD",
        "id": "CVE-2005-4794",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1015975",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "19003",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "1165",
        "trust": 0.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#23495",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-642",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20050524 CRAFTED DNS PACKET CAN CAUSE DENIAL OF SERVICE",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "20712",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-16002",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "37713",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "VULHUB",
        "id": "VHN-16002"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "PACKETSTORM",
        "id": "37713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-4794"
      }
    ]
  },
  "id": "VAR-200512-0860",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-16002"
      }
    ],
    "trust": 0.6152548999999999
  },
  "last_update_date": "2024-11-23T22:04:38.671000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-4794"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
      },
      {
        "trust": 2.9,
        "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
      },
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/13729"
      },
      {
        "trust": 1.7,
        "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/19003"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1014043"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1014044"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1014045"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1014046"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1015975"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/15472"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20712"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/15472/"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/1165"
      },
      {
        "trust": 0.8,
        "url": "http://www.ciac.org/ciac/bulletins/l-015.shtml"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1014046"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1014045"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1014044"
      },
      {
        "trust": 0.8,
        "url": "http://www.securitytracker.com/id?1014043"
      },
      {
        "trust": 0.8,
        "url": "http://www.ethereal.com"
      },
      {
        "trust": 0.8,
        "url": "http://www.tcpdump.org"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/20712"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2810/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5151/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml#software"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_vacancies/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2268/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2269/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2809/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "VULHUB",
        "id": "VHN-16002"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "PACKETSTORM",
        "id": "37713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-4794"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "db": "VULHUB",
        "id": "VHN-16002"
      },
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "PACKETSTORM",
        "id": "37713"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-4794"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2001-06-18T00:00:00",
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "date": "2005-12-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-16002"
      },
      {
        "date": "2005-05-24T00:00:00",
        "db": "BID",
        "id": "13729"
      },
      {
        "date": "2005-05-29T20:22:44",
        "db": "PACKETSTORM",
        "id": "37713"
      },
      {
        "date": "2005-12-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      },
      {
        "date": "2005-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2005-4794"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-11-15T00:00:00",
        "db": "CERT/CC",
        "id": "VU#23495"
      },
      {
        "date": "2017-07-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-16002"
      },
      {
        "date": "2016-07-06T14:40:00",
        "db": "BID",
        "id": "13729"
      },
      {
        "date": "2006-05-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      },
      {
        "date": "2024-11-21T00:05:11.867000",
        "db": "NVD",
        "id": "CVE-2005-4794"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#23495"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "13729"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200512-642"
      }
    ],
    "trust": 0.9
  }
}

gsd-2005-4794

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.

Aliases

CVE-2005-4794

Aliases

CVE-2005-4794

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-4794",
    "description": "Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.",
    "id": "GSD-2005-4794"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-4794"
      ],
      "details": "Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.",
      "id": "GSD-2005-4794",
      "modified": "2023-12-13T01:20:09.420303Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-4794",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "cisco-dns-dos(20712)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20712"
          },
          {
            "name": "1014044",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1014044"
          },
          {
            "name": "1014043",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1014043"
          },
          {
            "name": "13729",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/13729"
          },
          {
            "name": "15472",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/15472"
          },
          {
            "name": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en",
            "refsource": "MISC",
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
          },
          {
            "name": "1014046",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1014046"
          },
          {
            "name": "19003",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/19003"
          },
          {
            "name": "1015975",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015975"
          },
          {
            "name": "20050524 Crafted DNS Packet Can Cause Denial Of Service",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
          },
          {
            "name": "1014045",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1014045"
          },
          {
            "name": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html",
            "refsource": "MISC",
            "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ip_phone_7905:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ip_phone_7912:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:unity_express:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ata:186:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:ata:188:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:subscriber_edge_services_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:ip_phone_7902:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4794"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
            },
            {
              "name": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
            },
            {
              "name": "20050524 Crafted DNS Packet Can Cause Denial Of Service",
              "refsource": "CISCO",
              "tags": [],
              "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
            },
            {
              "name": "13729",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/13729"
            },
            {
              "name": "1014043",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1014043"
            },
            {
              "name": "1014044",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1014044"
            },
            {
              "name": "1014045",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1014045"
            },
            {
              "name": "1014046",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1014046"
            },
            {
              "name": "1015975",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015975"
            },
            {
              "name": "15472",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/15472"
            },
            {
              "name": "19003",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/19003"
            },
            {
              "name": "cisco-dns-dos(20712)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20712"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-20T01:29Z",
      "publishedDate": "2005-12-31T05:00Z"
    }
  }
}

ghsa-9jjv-5r68-g5hv

Vulnerability from github

Published

2022-05-01 02:30

Modified

2022-05-01 02:30

Details

Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-4794"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-12-31T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.",
  "id": "GHSA-9jjv-5r68-g5hv",
  "modified": "2022-05-01T02:30:42Z",
  "published": "2022-05-01T02:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-4794"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20712"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/15472"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1014043"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1014044"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1014045"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1014046"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015975"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050524-dns.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html"
    },
    {
      "type": "WEB",
      "url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/19003"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/13729"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2005-4794

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature

Action not permitted

cve-2005-4794

Vulnerability from cvelistv5

var-200512-0860

Vulnerability from variot

gsd-2005-4794

Vulnerability from gsd

ghsa-9jjv-5r68-g5hv

Vulnerability from github

Tags

Sightings

Nomenclature