{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-07-25T00:00:00", "descriptions": [{"lang": "en", "value": "The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a \"dangling pointer bug.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"}, {"name": "pdnsd-pexecquery-dos(45594)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45594"}, {"name": "ADV-2008-2582", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2582"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4194", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a \"dangling pointer bug.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.phys.uu.nl/~rombouts/pdnsd.html", "refsource": "CONFIRM", "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"}, {"name": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog", "refsource": "CONFIRM", "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"}, {"name": "pdnsd-pexecquery-dos(45594)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45594"}, {"name": "ADV-2008-2582", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2582"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:08:34.942Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"}, {"name": "pdnsd-pexecquery-dos(45594)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45594"}, {"name": "ADV-2008-2582", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2582"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-4194", "datePublished": "2008-09-24T10:00:00", "dateReserved": "2008-09-23T00:00:00", "dateUpdated": "2024-08-07T10:08:34.942Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pdnsd:pdnsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "48C89DEE-EA5F-4A74-8D84-9632633DC9D8", "versionEndIncluding": "1.2.6-par", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "72E5E5EA-123B-4187-BAC0-77B3034BB665", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1848A537-D8B7-4C56-980B-B19237603A21", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par4:*:*:*:*:*:*:*", "matchCriteriaId": "6AA9D9AA-7FD4-4640-8A05-F353F193F624", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par5:*:*:*:*:*:*:*", "matchCriteriaId": "55C8B60D-9ABF-44EA-8C5F-737F12790C39", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par6:*:*:*:*:*:*:*", "matchCriteriaId": "958FDA46-C58C-440E-B164-A88681CCDE50", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par7:*:*:*:*:*:*:*", "matchCriteriaId": "4A591F5A-9C82-4125-9F3E-F8FB22F84A74", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.8b1-par8:*:*:*:*:*:*:*", "matchCriteriaId": "A48F1CAE-0A43-43AD-8945-2EDDAE3A3E97", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.9-par:*:*:*:*:*:*:*", "matchCriteriaId": "8587AC06-C4F3-4078-A661-602BA9E568B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.10-par:*:*:*:*:*:*:*", "matchCriteriaId": "E4DAA355-14BE-4462-B1D0-A2D4B5642ECF", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.11-par:*:*:*:*:*:*:*", "matchCriteriaId": "EE0CC736-279C-4215-98CE-4904A35B4C4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.1.11a-par:*:*:*:*:*:*:*", "matchCriteriaId": "176CCFD5-9AE7-43B2-9DE5-EA09C22465E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.2-par:*:*:*:*:*:*:*", "matchCriteriaId": "CA858757-834E-45E1-BB1A-E9A9E377C6FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.2.1_par:*:*:*:*:*:*:*", "matchCriteriaId": "DF7A894A-4CE6-415E-8601-F495D8DBEE0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.2.4-par:*:*:*:*:*:*:*", "matchCriteriaId": "1FEE1472-7A5B-4344-8B95-EC898D55419E", "vulnerable": true}, {"criteria": "cpe:2.3:a:pdnsd:pdnsd:1.2.5-par:*:*:*:*:*:*:*", "matchCriteriaId": "853163E2-965E-4E35-9DD1-05710F1CAF3B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a \"dangling pointer bug.\""}, {"lang": "es", "value": "La funci\u00f3n p_exec_query en src/dns_query.c de pdnsd antes de 1.2.7-par permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) mediante una respuesta DNS con muchas entradas en la secci\u00f3n de respuesta, relacionado con un \"dangling pointer bug (error de puntero colgado)\"."}], "id": "CVE-2008-4194", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-09-24T11:42:25.327", "references": [{"source": "cve@mitre.org", "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"}, {"source": "cve@mitre.org", "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2582"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45594"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2582"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45594"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}