Lucene search
PRIOn knowledge basePRION:CVE-2008-4194HistorySep 24, 2008 - 11:42 a.m.
Design/Logic Flaw
2008-09-2411:42:00
PRIOn knowledge base
www.prio-n.com
6
6.5 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.5%
The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a “dangling pointer bug.”
| CPE | Name | Operator | Version |
|---|---|---|---|
| pdnsd | eq | 1.1.8b1-par5 | |
| pdnsd | eq | 1.2.0-par | |
| pdnsd | eq | 1.2.4-par | |
| pdnsd | eq | 1.2.5-par | |
| pdnsd | eq | 1.2.1-par | |
| pdnsd | eq | 1.1.797 | |
| pdnsd | eq | 1.1.9-par | |
| pdnsd | eq | 1.1.11-par | |
| pdnsd | eq | 1.1.8b1-par8 | |
| pdnsd | eq | 1.1.8b1-par7 |
Related
cve
cve
CVE-2008-4194
2008-09-24 11:42:00
gentoo
gentoo
pdnsd: Denial of Service and cache poisoning
2009-01-11 00:00:00
nessus
nessus
Debian DSA-1623-1 : dnsmasq - DNS cache poisoning
2008-08-01 00:00:00
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : bind9 vulnerability (USN-622-1)
2008-07-10 00:00:00
Debian DSA-1603-1 : bind9 - DNS cache poisoning
2008-07-10 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200901-03 (pdnsd)
2009-01-13 00:00:00
Gentoo Security Advisory GLSA 200901-03 (pdnsd)
2009-01-13 00:00:00
6.5 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.5%
Related for PRION:CVE-2008-4194