Vulnerability CVE-2005-0037 - CERT Civis.Net

Vulnerability Name:

CVE-2005-0037 (CCN-20712)

Assigned:

2005-05-24

Published:

2005-05-24

Updated:

2008-09-05

Summary:

The DNS implementation of DNRD before 2.10 allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
This vulnerability is addressed in the following product release:
dnrd, dnrd, 2.10

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2005-0036

Source: MITRE
Type: CNA
CVE-2005-0037

Source: MITRE
Type: CNA
CVE-2005-0038

Source: MITRE
Type: CNA
CVE-2005-4794

Source: CCN
Type: SA15472
Cisco Various Products Compressed DNS Messages Denial of Service

Source: CCN
Type: SECTRACK ID: 1014043
Cisco IP Phones Can Be Crashed With Specially Crafted Compressed DNS Data

Source: CCN
Type: SECTRACK ID: 1014044
Cisco ATA Can Be Crashed With Specially Crafted Compressed DNS Data

Source: CCN
Type: SECTRACK ID: 1014045
Cisco Unity Express Can Be Crashed With Specially Crafted Compressed DNS Data

Source: CCN
Type: SECTRACK ID: 1014046
Cisco ACNS Can Be Crashed With Specially Crafted Compressed DNS Data

Source: CCN
Type: SECTRACK ID: 1015975
Cisco Subscriber Edge Services Manager Can Be Crashed With Specially Crafted Compressed DNS Data

Source: CCN
Type: Cisco Security Notice 2005 May 24 1200 UTC (GMT)
Crafted DNS Packet Can Cause Denial Of Service

Source: CCN
Type: NISCC Vulnerability Advisory 589088/NISCC/DNS
Vulnerability Issue in Implementations of the DNS Protocol

Source: MISC
Type: Patch
http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html

Source: MISC
Type: UNKNOWN
http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en

Source: OSVDB
Type: UNKNOWN
25291

Source: CCN
Type: OSVDB ID: 19003
Multiple Vendor Unspecified Compressed DNS Message DoS (1)

Source: CCN
Type: OSVDB ID: 19004
Cisco Multiple Products Unspecified Compressed DNS Message DoS (2)

Source: CCN
Type: OSVDB ID: 19005
Cisco Multiple Products Unspecified Compressed DNS Message DoS (3)

Source: CCN
Type: OSVDB ID: 25291
Multiple Vendor Crafted Compressed DNS Packet DoS

Source: BID
Type: UNKNOWN
13729

Source: CCN
Type: BID-13729
Multiple Vendor DNS Message Decompression Remote Denial of Service Vulnerability

Source: XF
Type: UNKNOWN
cisco-dns-dos(20712)

Vulnerable Configuration:

Configuration 1:

cpe:/a:dnrd:dnrd:1.0:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:1.1:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:1.2:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:1.3:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:1.4:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.0:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.1:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.2:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.3:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.4:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.5:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.6:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.7:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.8:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.9:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:delegate:delegate:7.7.0:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:7.7.1:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:7.8.0:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:7.8.1:*:*:*:*:*:*:*

OR cpe:/h:cisco:ata-186:*:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.3.4:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.4.0:*:*:*:*:*:*:*

OR cpe:/a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:ip_phone_7902:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:ip_phone_7905:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:ip_phone_7912:*:*:*:*:*:*:*:*

OR cpe:/a:cisco:subscriber_edge_services_manager:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:unity_express:*:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.10.2:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.10.1:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.10:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.9.6:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.9.5:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.9.4:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.9.3:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.9.2:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.9.1:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.9:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.5.0:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:8.3.3:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:7.9.11:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:7.8.2:*:*:*:*:*:*:*

OR cpe:/a:delegate:delegate:5.9.3:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.9:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.8:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.7:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.6:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.5:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.4:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.3:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.2:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.1:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:2.0:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:1.4:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:1.3:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:1.2:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:1.1:*:*:*:*:*:*:*

OR cpe:/a:dnrd:dnrd:1.0:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.16:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.15:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.14:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.13:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.12:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.11:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.10:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.8:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.7:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.6:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.5:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.4:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.3a:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.2:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.1:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.9.0:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.8:*:*:*:*:*:*:*

OR cpe:/a:powerdns:powerdns:2.0:rc1:*:*:*:*:*:*

Denotes that component is vulnerable