Lucene search
HistoryMar 25, 2002 - 5:00 a.m.
CVE-2002-0140
cve-2002-0140
dns
dos
code execution
dnrd
nvd.
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.2 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.9%
Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions.
Affected configurations
Node
dnrddnrdMatch1.0
ORdnrddnrdMatch1.1
ORdnrddnrdMatch1.2
ORdnrddnrdMatch1.3
ORdnrddnrdMatch1.4
ORdnrddnrdMatch2.0
ORdnrddnrdMatch2.1
ORdnrddnrdMatch2.2
ORdnrddnrdMatch2.3
ORdnrddnrdMatch2.4
ORdnrddnrdMatch2.5
ORdnrddnrdMatch2.6
ORdnrddnrdMatch2.7
ORdnrddnrdMatch2.8
ORdnrddnrdMatch2.9
ORdnrddnrdMatch2.10
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.2 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.9%
Related for CVE-2002-0140