CVE-2005-2301

Published Jul 19, 2005

Last updated 6 hours ago

CVSS info 5.0

Overview

Description: PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C1E89A2-4993-4208-B67F-52B08A6F1BDF"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B340CA64-2358-46E6-8F65-725B6ACE77D3"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8ADBB8B1-C732-49BA-9270-F5551A9E2D0D"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.3a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80C62126-2E61-4532-BFA2-D66FCCC8C9E2"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4472A3D7-8E17-4D80-AA2D-724C74EEF9E7"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07CDE603-2A52-4C6F-B6A3-563D516BB4C4"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC3E5668-9B66-4C80-8C38-6FF01C342182"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB793844-A30A-4F97-954B-690083E77430"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B636157B-E627-4EF1-B6C2-640648C001D2"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34EEA40F-CD68-4AE9-A305-402BFBEEA23B"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40FFBCCC-3595-4148-A3CD-28FD390FB786"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B7722F1-D913-42A0-93EA-48140F47F221"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16E26E04-71AA-4A00-B0EE-9A04A63ADBBE"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A413F4D-123A-4AA6-A097-9900F9B39817"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F03070D-C76A-4A31-AA0C-E32442EBE83B"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2BE9083-C8DA-4CCB-AAA0-8E31A1C566D1"
          },
          {
            "criteria": "cpe:2.3:a:powerdns:powerdns:2.9.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11FC77A2-E464-4832-ADCD-68D66E7CB29E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References