CyberSec.Space Logo
返回 CVE 浏览器

CVE-2008-4194

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1830%
EPSS Percentile44.84th
Published2008年9月24日
Last Modified2026年4月23日

Vulnerability Description

The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."

Affected Platforms (CPE)

📦
Pdnsd

Pdnsd

<= 1.2.6-par
📦
Pdnsd

Pdnsd

= 1.1.7
📦
Pdnsd

Pdnsd

= 1.1.7a
📦
Pdnsd

Pdnsd

= 1.1.8b1-par4
📦
Pdnsd

Pdnsd

= 1.1.8b1-par5
📦
Pdnsd

Pdnsd

= 1.1.8b1-par6
📦
Pdnsd

Pdnsd

= 1.1.8b1-par7
📦
Pdnsd

Pdnsd

= 1.1.8b1-par8
📦
Pdnsd

Pdnsd

= 1.1.9-par
📦
Pdnsd

Pdnsd

= 1.1.10-par
📦
Pdnsd

Pdnsd

= 1.1.11-par
📦
Pdnsd

Pdnsd

= 1.1.11a-par
📦
Pdnsd

Pdnsd

= 1.2-par
📦
Pdnsd

Pdnsd

= 1.2.1_par
📦
Pdnsd

Pdnsd

= 1.2.4-par
📦
Pdnsd

Pdnsd

= 1.2.5-par

References & Advisories

🔗 http://www.phys.uu.nl/~rombouts/pdnsd.html
🔗 http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
🔗 http://www.vupen.com/english/advisories/2008/2582
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/45594
🔗 http://www.phys.uu.nl/~rombouts/pdnsd.html
🔗 http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
🔗 http://www.vupen.com/english/advisories/2008/2582
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/45594

相关漏洞威胁

CVE-1999-074510.0

Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.

CVE-2006-207710.0

Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact and attack vectors. NOTE: this issue might be related to t...

CVE-2006-20765.0

Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote attackers to cause a denial of service (memory consumption) via a DN...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...