Threat Encyclopedia

Multiple.Vendor.DNS.Message.Decompression.DoS

description-logoDescription

Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients.
This issue arises when an affected application handles a specially crafted DNS message.
A successful attack would crash the affected client or server.

affected-products-logoAffected Products

PowerDNS PowerDNS 2.9.16
PowerDNS PowerDNS 2.9.15
PowerDNS PowerDNS 2.8
PowerDNS PowerDNS 2.0 RC1
dnrd dnrd 2.10
dnrd dnrd 2.9
dnrd dnrd 2.8
dnrd dnrd 2.7
dnrd dnrd 2.6
DeleGate DeleGate 8.10.2
DeleGate DeleGate 8.10.1
DeleGate DeleGate 8.10
DeleGate DeleGate 8.9.6
DeleGate DeleGate 8.9.5
DeleGate DeleGate 8.9.4
DeleGate DeleGate 8.9.3
DeleGate DeleGate 8.9.2

Impact

Denial of service

recomended-action-logoRecommended Actions

The following versions are not affected by this issue; users are advised to upgrade:
- DeleGate 8.10.3 and subsequent versions.
- dnrd 2.18 and subsequent versions.
- PowerDNS 2.9.17.
Cisco has released advisory cisco-sn-20050524-dns to address this issue. Please see the referenced advisory for further information on obtaining fixes.

CVE References

CVE-2005-0036