Published: 19/07/2005 Updated: 18/10/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

PowerDNS prior to 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote malicious users to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
powerdns powerdns 2.9.0
powerdns powerdns 2.9.1
powerdns powerdns 2.9.17
powerdns powerdns 2.9.2
powerdns powerdns 2.9.13
powerdns powerdns 2.9.14
powerdns powerdns 2.9.5
powerdns powerdns 2.9.6
powerdns powerdns 2.9.15
powerdns powerdns 2.9.16
powerdns powerdns 2.9.7
powerdns powerdns 2.9.8
powerdns powerdns 2.9.10
powerdns powerdns 2.9.11
powerdns powerdns 2.9.12
powerdns powerdns 2.9.3a
powerdns powerdns 2.9.4

Several problems have been discovered in pdns, a versatile nameserver that can lead to a denial of service The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2005-2301 Norbert Sendetzky and Jan de Groot discovered that the LDAP backend did not properly escape all queries, allowing it to fail and not ...

NVD-CWE-Other http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18 http://www.securityfocus.com/bid/14290 http://securitytracker.com/id?1014504 http://www.novell.com/linux/security/advisories/2005_19_sr.html http://marc.info/?l=bugtraq&m=112155941310297&w=2 https://nvd.nist.gov https://www.debian.org/security/./dsa-771

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-2301

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect