JVNDB-2005-000343

Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
Severity ?
() - -
Summary
DeleGate DNS Message Decompression Denial of Service Vulnerability
Details
DNS implementation in DeleGate does not handle a compressed DNS packet properly, which could cause an infinite loop. Note that some other DNS packet processing systems have the issues related to this vulnerability. For more information on those systems, please refer to NISCC-589088 (JVN) and NISCC Advisory 589088/NISCC/DNS (CPNI Advisory 00432).
References
Impacted products
Show details on JVN DB website
To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000343.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "DNS implementation in DeleGate does not handle a compressed DNS packet properly, which could cause an infinite loop.\r\n\r\nNote that some other DNS packet processing systems have the issues related to this vulnerability. For more information on those systems, please refer to NISCC-589088 (JVN) and NISCC Advisory 589088/NISCC/DNS (CPNI Advisory 00432).",
  "link": "https://jvndb.jvn.jp/en/contents/2005/JVNDB-2005-000343.html",
  "sec:cpe": {
    "#text": "cpe:/a:delegate:delegate",
    "@product": "DeleGate",
    "@vendor": "DeleGate.org",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2005-000343",
  "sec:references": [
    {
      "#text": "http://jvn.jp/niscc/NISCC-589088/index.html",
      "@id": "NISCC-589088",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0036",
      "@id": "CVE-2005-0036",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-0036",
      "@id": "CVE-2005-0036",
      "@source": "NVD"
    },
    {
      "#text": "http://www.cpni.gov.uk/docs/re-20050524-00432.pdf?lang=en",
      "@id": "589088/NISCC/DNS",
      "@source": "NISCC"
    },
    {
      "#text": "http://www.cpni.gov.uk/Products/vulnerabilitydisclosures/default.aspx?id=va-20050524-00432.xml",
      "@id": "00432",
      "@source": "CPNI"
    },
    {
      "#text": "http://www.securityfocus.com/bid/13729",
      "@id": "13729",
      "@source": "BID"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2005/0610",
      "@id": "FrSIRT/ADV-2005-0610",
      "@source": "FRSIRT"
    }
  ],
  "title": "DeleGate DNS Message Decompression Denial of Service Vulnerability"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.