CVE-2008-3210 - OpenCVE

rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Resiprocate	Resiprocate

Configuration 1 [-]

cpe:2.3:a:resiprocate:resiprocate:1.3.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://labs.mudynamics.com/advisories/MU-200807-01.txt
http://secunia.com/advisories/31058
http://securityreason.com/securityalert/4013
http://www.resiprocate.org/ReSIProcate_1.3.3_Release
http://www.securityfocus.com/bid/30194
https://exchange.xforce.ibmcloud.com/vulnerabilities/43770
https://www.exploit-db.com/exploits/6046

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-07-18T15:00:00

Updated: 2024-08-07T09:28:41.736Z

Reserved: 2008-07-18T00:00:00

Link: CVE-2008-3210

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-07-18T15:13:00.000

Modified: 2017-09-29T01:31:34.943

Link: CVE-2008-3210

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-07-10T00:00:00", "descriptions": [{"lang": "en", "value": "rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "resiprocate-dnsstub-dos(43770)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43770"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.resiprocate.org/ReSIProcate_1.3.3_Release"}, {"name": "6046", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/6046"}, {"name": "31058", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31058"}, {"name": "4013", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/4013"}, {"name": "30194", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30194"}, {"tags": ["x_refsource_MISC"], "url": "http://labs.mudynamics.com/advisories/MU-200807-01.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-3210", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "resiprocate-dnsstub-dos(43770)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43770"}, {"name": "http://www.resiprocate.org/ReSIProcate_1.3.3_Release", "refsource": "CONFIRM", "url": "http://www.resiprocate.org/ReSIProcate_1.3.3_Release"}, {"name": "6046", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6046"}, {"name": "31058", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31058"}, {"name": "4013", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/4013"}, {"name": "30194", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30194"}, {"name": "http://labs.mudynamics.com/advisories/MU-200807-01.txt", "refsource": "MISC", "url": "http://labs.mudynamics.com/advisories/MU-200807-01.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:28:41.736Z"}, "title": "CVE Program Container", "references": [{"name": "resiprocate-dnsstub-dos(43770)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43770"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.resiprocate.org/ReSIProcate_1.3.3_Release"}, {"name": "6046", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/6046"}, {"name": "31058", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31058"}, {"name": "4013", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/4013"}, {"name": "30194", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/30194"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://labs.mudynamics.com/advisories/MU-200807-01.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-3210", "datePublished": "2008-07-18T15:00:00", "dateReserved": "2008-07-18T00:00:00", "dateUpdated": "2024-08-07T09:28:41.736Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:resiprocate:resiprocate:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "09EE31F1-6C60-4C1C-8849-28DB007E3CC5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error."}, {"lang": "es", "value": "rutil/dns/DnsStub.cxx en ReSIProcate 1.3.2, usado por repro, permite a atacantes remotos causar una denegaci\u00f3n de servicio (con ca\u00edda del demonio) a trav\u00e9s de un mensaje SIP (1) INVITE o (2) OPTIONS con un nombre de dominio excesivamente largo en una peticion de URI, lo cual ocasiona un error de confirmaci\u00f3n."}], "id": "CVE-2008-3210", "lastModified": "2017-09-29T01:31:34.943", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-07-18T15:13:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://labs.mudynamics.com/advisories/MU-200807-01.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31058"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/4013"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.resiprocate.org/ReSIProcate_1.3.3_Release"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/30194"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43770"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/6046"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}