Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2008-4194

Published: 24/09/2008 Updated: 08/08/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 515
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Pdnsd

Vulnerability Summary

The p_exec_query function in src/dns_query.c in pdnsd prior to 1.2.7-par allows remote malicious users to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."

Vulnerable Product Search on Vulmon Subscribe to Product

pdnsd pdnsd 1.1.11-par

pdnsd pdnsd 1.1.10-par

pdnsd pdnsd 1.1.7a

pdnsd pdnsd 1.1.7

pdnsd pdnsd 1.2.5-par

pdnsd pdnsd

pdnsd pdnsd 1.1.11a-par

pdnsd pdnsd 1.1.8b1-par5

pdnsd pdnsd 1.1.8b1-par4

pdnsd pdnsd 1.2-par

pdnsd pdnsd 1.2.4-par

pdnsd pdnsd 1.1.8b1-par7

pdnsd pdnsd 1.1.8b1-par6

pdnsd pdnsd 1.2.1_par

pdnsd pdnsd 1.1.9-par

pdnsd pdnsd 1.1.8b1-par8

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2008-4194 denial of service
Debian Bug report logs - #500910 CVE-2008-4194 denial of service Package: pdnsd; Maintainer for pdnsd is Debian QA Group <packages@qadebianorg>; Source for pdnsd is src:pdnsd (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Thu, 2 Oct 2008 14:21:01 UTC Severity: grave Tags: patch, security F ...

Exploits

Exploit DB: BIND 9.x - Remote DNS Cache Poisoning (Python)
from scapy import * import random # Copyright (C) 2008 Julien Desfossez <ju@klipixorg> # wwwsolisprojectnet/ # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your o ...
Exploit DB: BIND 9.x - Remote DNS Cache Poisoning
/* * Exploit for CVE-2008-1447 - Kaminsky DNS Cache Poisoning Attack * * Compilation: * $ gcc -o kaminsky-attack kaminsky-attackc `dnet-config --libs` -lm * * Dependency: libdnet (aka libdumbnet-dev under Ubuntu) * * Author: marcbevand at rapid7 dot com */ #define _BSD_SOURCE #include <sys/typesh> #include <errh> #include ...
Exploit DB: BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning (Metasploit)
____ ____ __ __ / \ / \ | | | | ----====####/ /\__\##/ /\ \##| |##| |####====---- | | | |__| | | | | | | | ___ | __ | | | | | ------======######\ \/ /#| |##| |#| |##| |######======------ ...

References

CWE-399http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLoghttp://www.phys.uu.nl/~rombouts/pdnsd.htmlhttp://www.vupen.com/english/advisories/2008/2582https://exchange.xforce.ibmcloud.com/vulnerabilities/45594https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500910https://nvd.nist.govhttps://www.exploit-db.com/exploits/6123/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook