CVE-2005-0036

The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html	Patch
http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en	Patch Vendor Advisory
http://www.osvdb.org/25291
http://www.securityfocus.com/bid/13729

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:delegate:delegate::::::::
	cpe:2.3:a:delegate:delegate:5.9.3:::::::*
	cpe:2.3:a:delegate:delegate:7.7.0:::::::*
	cpe:2.3:a:delegate:delegate:7.7.1:::::::*
	cpe:2.3:a:delegate:delegate:7.8.0:::::::*
	cpe:2.3:a:delegate:delegate:7.8.1:::::::*
	cpe:2.3:a:delegate:delegate:7.8.2:::::::*
	cpe:2.3:a:delegate:delegate:7.9.11:::::::*
	cpe:2.3:a:delegate:delegate:8.3.3:::::::*
	cpe:2.3:a:delegate:delegate:8.3.4:::::::*
	cpe:2.3:a:delegate:delegate:8.4.0:::::::*
	cpe:2.3:a:delegate:delegate:8.5.0:::::::*
	cpe:2.3:a:delegate:delegate:8.9:::::::*
	cpe:2.3:a:delegate:delegate:8.9.1:::::::*
	cpe:2.3:a:delegate:delegate:8.9.2:::::::*
	cpe:2.3:a:delegate:delegate:8.9.3:::::::*
	cpe:2.3:a:delegate:delegate:8.9.4:::::::*
	cpe:2.3:a:delegate:delegate:8.9.5:::::::*
	cpe:2.3:a:delegate:delegate:8.9.6:::::::*
	cpe:2.3:a:delegate:delegate:8.10:::::::*
	cpe:2.3:a:delegate:delegate:8.10.1:::::::*
	cpe:2.3:a:etl:delegate:5.9:::::::*
	cpe:2.3:a:etl:delegate:6.0:::::::*

History

No history.

Information

Published : 2005-12-31 05:00

Updated : 2008-09-05 20:45

NVD link : CVE-2005-0036

Mitre link : CVE-2005-0036

CVE.ORG link : CVE-2005-0036

JSON object : View

Products Affected

delegate

delegate

etl

delegate

CWE

NVD-CWE-Other

{"id": "CVE-2005-0036", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-12-31T05:00:00.000", "references": [{"url": "http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/25291", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/13729", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop."}], "lastModified": "2008-09-05T20:45:07.777", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:delegate:delegate:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA550D1F-C383-4AD1-9648-18E609159214", "versionEndIncluding": "8.10.2"}, {"criteria": "cpe:2.3:a:delegate:delegate:5.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC5364C4-C5A5-4621-AC56-BB845BEF8A83"}, {"criteria": "cpe:2.3:a:delegate:delegate:7.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9180C95-FF6F-4A0C-9DE0-DFF6D8387698"}, {"criteria": "cpe:2.3:a:delegate:delegate:7.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68FA1404-9FA2-4379-96BC-6D7970C0EAA5"}, {"criteria": "cpe:2.3:a:delegate:delegate:7.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EABEE7AB-7C45-473E-9873-0423F2249F96"}, {"criteria": "cpe:2.3:a:delegate:delegate:7.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1F66F57-6AEB-4E3C-B148-BC7D11E1EBEC"}, {"criteria": "cpe:2.3:a:delegate:delegate:7.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "611AD3E5-708F-46BB-B21D-09598E1C4771"}, {"criteria": "cpe:2.3:a:delegate:delegate:7.9.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD59AEEB-D524-4337-8962-B29863CBC889"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F15245AF-B9B6-4D46-A901-A781FC0BAF24"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7A3E1EB-89A5-4326-8977-9B462065C39B"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BD607D2-2B07-474B-A855-2C3319B42CED"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE4B4665-84C4-4129-9916-ABAC61B81FF5"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4131A4A5-5D67-4522-9A6E-E708815B5B86"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8C30DD0-C957-44BA-B44C-7B424E664B52"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC2E24A5-A864-4F42-A053-2FDA9D09A4B5"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0993A56D-3A68-464A-B580-BE2EC3846F3E"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EF6186E-90D1-4D22-A469-0E955D5F1EF7"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7323E750-C596-46FC-AA85-9271CC9C2CE7"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A53A0AC-B047-4E60-A7E6-2E2710379F89"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6F8A23D-2106-4803-AD52-DCB42FB51E51"}, {"criteria": "cpe:2.3:a:delegate:delegate:8.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6DE1799-48D4-491A-AB1E-25169ED99F84"}, {"criteria": "cpe:2.3:a:etl:delegate:5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6584618-DFEC-416F-8335-7106EA25BE94"}, {"criteria": "cpe:2.3:a:etl:delegate:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18763780-3419-4EFE-ABC7-0BE51CC90881"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}