Vulnerability Name:

CVE-2005-4794 (CCN-20712)

Assigned:2005-05-24
Published:2005-05-24
Updated:2017-07-20
Summary:Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset.
Cisco has released advisory cisco-sn-20050524-dns to address this issue. Please see the referenced advisory for further information on obtaining fixes.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2005-0036

Source: MITRE
Type: CNA
CVE-2005-0037

Source: MITRE
Type: CNA
CVE-2005-0038

Source: MITRE
Type: CNA
CVE-2005-4794

Source: CCN
Type: SA15472
Cisco Various Products Compressed DNS Messages Denial of Service

Source: SECUNIA
Type: Vendor Advisory
15472

Source: CCN
Type: SECTRACK ID: 1014043
Cisco IP Phones Can Be Crashed With Specially Crafted Compressed DNS Data

Source: SECTRACK
Type: UNKNOWN
1014043

Source: CCN
Type: SECTRACK ID: 1014044
Cisco ATA Can Be Crashed With Specially Crafted Compressed DNS Data

Source: SECTRACK
Type: UNKNOWN
1014044

Source: CCN
Type: SECTRACK ID: 1014045
Cisco Unity Express Can Be Crashed With Specially Crafted Compressed DNS Data

Source: SECTRACK
Type: UNKNOWN
1014045

Source: CCN
Type: SECTRACK ID: 1014046
Cisco ACNS Can Be Crashed With Specially Crafted Compressed DNS Data

Source: SECTRACK
Type: UNKNOWN
1014046

Source: CCN
Type: SECTRACK ID: 1015975
Cisco Subscriber Edge Services Manager Can Be Crashed With Specially Crafted Compressed DNS Data

Source: SECTRACK
Type: UNKNOWN
1015975

Source: CCN
Type: Cisco Security Notice 2005 May 24 1200 UTC (GMT)
Crafted DNS Packet Can Cause Denial Of Service

Source: CISCO
Type: UNKNOWN
20050524 Crafted DNS Packet Can Cause Denial Of Service

Source: CCN
Type: NISCC Vulnerability Advisory 589088/NISCC/DNS
Vulnerability Issue in Implementations of the DNS Protocol

Source: MISC
Type: UNKNOWN
http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html

Source: MISC
Type: UNKNOWN
http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en

Source: OSVDB
Type: UNKNOWN
19003

Source: CCN
Type: OSVDB ID: 19003
Multiple Vendor Unspecified Compressed DNS Message DoS (1)

Source: CCN
Type: OSVDB ID: 19004
Cisco Multiple Products Unspecified Compressed DNS Message DoS (2)

Source: CCN
Type: OSVDB ID: 19005
Cisco Multiple Products Unspecified Compressed DNS Message DoS (3)

Source: CCN
Type: OSVDB ID: 25291
Multiple Vendor Crafted Compressed DNS Packet DoS

Source: BID
Type: UNKNOWN
13729

Source: CCN
Type: BID-13729
Multiple Vendor DNS Message Decompression Remote Denial of Service Vulnerability

Source: XF
Type: UNKNOWN
cisco-dns-dos(20712)

Source: XF
Type: UNKNOWN
cisco-dns-dos(20712)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:ata:186:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:ata:188:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:subscriber_edge_services_manager:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ip_phone_7902:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ip_phone_7905:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ip_phone_7912:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:unity_express:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:delegate:delegate:7.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:7.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:7.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:7.8.1:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ata-186:*:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ip_phone_7902:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ip_phone_7905:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:ip_phone_7912:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:subscriber_edge_services_manager:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:unity_express:*:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.10.2:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.10.1:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.10:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.9.6:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.9.5:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.9.4:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.9:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:8.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:7.9.11:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:7.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:delegate:delegate:5.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.9:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.8:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.7:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.6:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:1.3:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:dnrd:dnrd:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.16:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.15:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.14:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.13:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.12:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.11:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.10:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.8:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.7:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.6:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.5:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.4:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.3a:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.8:*:*:*:*:*:*:*
  • OR cpe:/a:powerdns:powerdns:2.0:rc1:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco application and content networking software *
    cisco ata 186
    cisco ata 188
    cisco subscriber edge services manager *
    cisco ip phone 7902 *
    cisco ip phone 7905 *
    cisco ip phone 7912 *
    cisco unity express *
    delegate delegate 7.7.0
    delegate delegate 7.7.1
    delegate delegate 7.8.0
    delegate delegate 7.8.1
    cisco ata-186 *
    delegate delegate 8.3.4
    delegate delegate 8.4.0
    cisco application and content networking software *
    cisco ip phone 7902 *
    cisco ip phone 7905 *
    cisco ip phone 7912 *
    cisco subscriber edge services manager *
    cisco unity express *
    delegate delegate 8.10.2
    delegate delegate 8.10.1
    delegate delegate 8.10
    delegate delegate 8.9.6
    delegate delegate 8.9.5
    delegate delegate 8.9.4
    delegate delegate 8.9.3
    delegate delegate 8.9.2
    delegate delegate 8.9.1
    delegate delegate 8.9
    delegate delegate 8.5.0
    delegate delegate 8.3.3
    delegate delegate 7.9.11
    delegate delegate 7.8.2
    delegate delegate 5.9.3
    dnrd dnrd 2.9
    dnrd dnrd 2.8
    dnrd dnrd 2.7
    dnrd dnrd 2.6
    dnrd dnrd 2.5
    dnrd dnrd 2.4
    dnrd dnrd 2.3
    dnrd dnrd 2.2
    dnrd dnrd 2.1
    dnrd dnrd 2.0
    dnrd dnrd 1.4
    dnrd dnrd 1.3
    dnrd dnrd 1.2
    dnrd dnrd 1.1
    dnrd dnrd 1.0
    powerdns powerdns 2.9.16
    powerdns powerdns 2.9.15
    powerdns powerdns 2.9.14
    powerdns powerdns 2.9.13
    powerdns powerdns 2.9.12
    powerdns powerdns 2.9.11
    powerdns powerdns 2.9.10
    powerdns powerdns 2.9.8
    powerdns powerdns 2.9.7
    powerdns powerdns 2.9.6
    powerdns powerdns 2.9.5
    powerdns powerdns 2.9.4
    powerdns powerdns 2.9.3a
    powerdns powerdns 2.9.2
    powerdns powerdns 2.9.1
    powerdns powerdns 2.9.0
    powerdns powerdns 2.8
    powerdns powerdns 2.0 rc1