Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0789

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0789
Last Modified 05 Sep 2008 04:39:24
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0789

Summary

Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.

Vulnerable Systems

Application

  • Delegate 7.7.0

  • Delegate 7.7.1

  • Delegate 7.8.0

  • Delegate 7.8.1

  • Delegate 7.8.2

  • Delegate 7.9.11

  • Delegate 8.3.3

  • Delegate 8.3.4

  • Delegate 8.4.0

  • Delegate 8.5.0

  • Delegate 8.9

  • Delegate 8.9.1

  • Delegate 8.9.2

  • Delegate 8.9.3

  • Delegate 8.9.4

  • Delegate 8.9.5

  • Dnrd 1.0

  • Dnrd 1.1

  • Dnrd 1.2

  • Dnrd 1.3

  • Dnrd 1.4

  • Dnrd 2.0

  • Dnrd 2.1

  • Dnrd 2.10

  • Dnrd 2.2

  • Dnrd 2.3

  • Dnrd 2.4

  • Dnrd 2.5

  • Dnrd 2.6

  • Dnrd 2.7

  • Dnrd 2.8

  • Dnrd 2.9

  • Don Moore Mydns 0.10.0

  • Don Moore Mydns 0.6

  • Don Moore Mydns 0.7

  • Don Moore Mydns 0.8

  • Don Moore Mydns 0.9

  • Maradns 0.5.28

  • Maradns 0.5.29

  • Maradns 0.5.30

  • Maradns 0.5.31

  • Maradns 0.8.05

  • Pliant Dns Server

  • Posadis 0.50.4

  • Posadis 0.50.5

  • Posadis 0.50.6

  • Posadis 0.50.7

  • Posadis 0.50.8

  • Posadis 0.50.9

  • Posadis 0.60.0

  • Posadis 0.60.1

  • Posadis M5pre1

  • Posadis M5pre2

  • Qbik Wingate 3.0

  • Qbik Wingate 4.0.1

  • Qbik Wingate 4.1 Beta A

  • Qbik Wingate 6.0

  • Qbik Wingate 6.0.1 Build 993

  • Qbik Wingate 6.0.1 Build 995

  • Team Johnlong Raidendnsd


References

XF - dns-localhost-dos(17997)

BID - 11642

CONFIRM - http://www.posadis.org/advisories/pos_adv_006.txt

SECTRACK - 1012157

SECUNIA - 13145

MISC - http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf

MISC - http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en


Last Updated: 27 May 2016 10:38:46