CVE-2008-4194

Published Sep 24, 2008

Last updated 8 years ago

CVSS info 5.0

Overview

Description: The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48C89DEE-EA5F-4A74-8D84-9632633DC9D8",
            "versionEndIncluding": "1.2.6-par"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72E5E5EA-123B-4187-BAC0-77B3034BB665"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.7a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1848A537-D8B7-4C56-980B-B19237603A21"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AA9D9AA-7FD4-4640-8A05-F353F193F624"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55C8B60D-9ABF-44EA-8C5F-737F12790C39"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "958FDA46-C58C-440E-B164-A88681CCDE50"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A591F5A-9C82-4125-9F3E-F8FB22F84A74"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A48F1CAE-0A43-43AD-8945-2EDDAE3A3E97"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.9-par:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8587AC06-C4F3-4078-A661-602BA9E568B6"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.10-par:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4DAA355-14BE-4462-B1D0-A2D4B5642ECF"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.11-par:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE0CC736-279C-4215-98CE-4904A35B4C4E"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.11a-par:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "176CCFD5-9AE7-43B2-9DE5-EA09C22465E6"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.2-par:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA858757-834E-45E1-BB1A-E9A9E377C6FF"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.2.1_par:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF7A894A-4CE6-415E-8601-F495D8DBEE0F"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.2.4-par:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FEE1472-7A5B-4344-8B95-EC898D55419E"
          },
          {
            "criteria": "cpe:2.3:a:pdnsd:pdnsd:1.2.5-par:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "853163E2-965E-4E35-9DD1-05710F1CAF3B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References