CVE-2004-0789 - Vulnerability Details

Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Axis	2100 Network Camera 2110 Network Camera 2120 Network Camera 2400 Video Server 2401 Video Server 2420 Network Camera 2460 Network Dvr
Delegate	Delegate
Dnrd	Dnrd
Don Moore	Mydns
Maradns	Maradns
Pliant	Pliant Dns Server
Posadis	Posadis
Qbik	Wingate
Team Johnlong	Raidendnsd

Configuration 1 [-]

OR	cpe:2.3:a:delegate:delegate:7.7.0:::::::*
	cpe:2.3:a:delegate:delegate:7.7.1:::::::*
	cpe:2.3:a:delegate:delegate:7.8.0:::::::*
	cpe:2.3:a:delegate:delegate:7.8.1:::::::*
	cpe:2.3:a:delegate:delegate:7.8.2:::::::*
	cpe:2.3:a:delegate:delegate:7.9.11:::::::*
	cpe:2.3:a:delegate:delegate:8.3.3:::::::*
	cpe:2.3:a:delegate:delegate:8.3.4:::::::*
	cpe:2.3:a:delegate:delegate:8.4.0:::::::*
	cpe:2.3:a:delegate:delegate:8.5.0:::::::*
	cpe:2.3:a:delegate:delegate:8.9:::::::*
	cpe:2.3:a:delegate:delegate:8.9.1:::::::*
	cpe:2.3:a:delegate:delegate:8.9.2:::::::*
	cpe:2.3:a:delegate:delegate:8.9.3:::::::*
	cpe:2.3:a:delegate:delegate:8.9.4:::::::*
	cpe:2.3:a:delegate:delegate:8.9.5:::::::*
	cpe:2.3:a:dnrd:dnrd:1.0:::::::*
	cpe:2.3:a:dnrd:dnrd:1.1:::::::*
	cpe:2.3:a:dnrd:dnrd:1.2:::::::*
	cpe:2.3:a:dnrd:dnrd:1.3:::::::*
	cpe:2.3:a:dnrd:dnrd:1.4:::::::*
	cpe:2.3:a:dnrd:dnrd:2.0:::::::*
	cpe:2.3:a:dnrd:dnrd:2.1:::::::*
	cpe:2.3:a:dnrd:dnrd:2.2:::::::*
	cpe:2.3:a:dnrd:dnrd:2.3:::::::*
	cpe:2.3:a:dnrd:dnrd:2.4:::::::*
	cpe:2.3:a:dnrd:dnrd:2.5:::::::*
	cpe:2.3:a:dnrd:dnrd:2.6:::::::*
	cpe:2.3:a:dnrd:dnrd:2.7:::::::*
	cpe:2.3:a:dnrd:dnrd:2.8:::::::*
	cpe:2.3:a:dnrd:dnrd:2.9:::::::*
	cpe:2.3:a:dnrd:dnrd:2.10:::::::*
	cpe:2.3:a:don_moore:mydns:0.6:::::::*
	cpe:2.3:a:don_moore:mydns:0.7:::::::*
	cpe:2.3:a:don_moore:mydns:0.8:::::::*
	cpe:2.3:a:don_moore:mydns:0.9:::::::*
	cpe:2.3:a:don_moore:mydns:0.10.0:::::::*
	cpe:2.3:a:maradns:maradns:0.5.28:::::::*
	cpe:2.3:a:maradns:maradns:0.5.29:::::::*
	cpe:2.3:a:maradns:maradns:0.5.30:::::::*
	cpe:2.3:a:maradns:maradns:0.5.31:::::::*
	cpe:2.3:a:maradns:maradns:0.8.05:::::::*
	cpe:2.3:a:pliant:pliant_dns_server::::::::
	cpe:2.3:a:posadis:posadis:0.50.4:::::::*
	cpe:2.3:a:posadis:posadis:0.50.5:::::::*
	cpe:2.3:a:posadis:posadis:0.50.6:::::::*
	cpe:2.3:a:posadis:posadis:0.50.7:::::::*
	cpe:2.3:a:posadis:posadis:0.50.8:::::::*
	cpe:2.3:a:posadis:posadis:0.50.9:::::::*
	cpe:2.3:a:posadis:posadis:0.60.0:::::::*
	cpe:2.3:a:posadis:posadis:0.60.1:::::::*
	cpe:2.3:a:posadis:posadis:m5pre1:::::::*
	cpe:2.3:a:posadis:posadis:m5pre2:::::::*
	cpe:2.3:a:qbik:wingate:3.0:::::::*
	cpe:2.3:a:qbik:wingate:4.0.1:::::::*
	cpe:2.3:a:qbik:wingate:4.1_beta_a:::::::*
	cpe:2.3:a:qbik:wingate:6.0:::::::*
	cpe:2.3:a:qbik:wingate:6.0.1_build_993:::::::*
	cpe:2.3:a:qbik:wingate:6.0.1_build_995:::::::*
	cpe:2.3:a:team_johnlong:raidendnsd::::::::

Configuration 2 [-]

OR	cpe:2.3:h:axis:2100_network_camera:2.0:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.01:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.02:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.03:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.12:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.30:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.31:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.32:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.33:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.34:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.40:::::::*
	cpe:2.3:h:axis:2100_network_camera:2.41:::::::*
	cpe:2.3:h:axis:2110_network_camera:2.12:::::::*
	cpe:2.3:h:axis:2110_network_camera:2.30:::::::*
	cpe:2.3:h:axis:2110_network_camera:2.31:::::::*
	cpe:2.3:h:axis:2110_network_camera:2.32:::::::*
	cpe:2.3:h:axis:2110_network_camera:2.34:::::::*
	cpe:2.3:h:axis:2110_network_camera:2.40:::::::*
	cpe:2.3:h:axis:2110_network_camera:2.41:::::::*
	cpe:2.3:h:axis:2120_network_camera:2.12:::::::*
	cpe:2.3:h:axis:2120_network_camera:2.30:::::::*
	cpe:2.3:h:axis:2120_network_camera:2.31:::::::*
	cpe:2.3:h:axis:2120_network_camera:2.32:::::::*
	cpe:2.3:h:axis:2120_network_camera:2.34:::::::*
	cpe:2.3:h:axis:2120_network_camera:2.40:::::::*
	cpe:2.3:h:axis:2120_network_camera:2.41:::::::*
	cpe:2.3:h:axis:2400_video_server:3.11:::::::*
	cpe:2.3:h:axis:2400_video_server:3.12:::::::*
	cpe:2.3:h:axis:2401_video_server:3.12:::::::*
	cpe:2.3:h:axis:2420_network_camera:2.12:::::::*
	cpe:2.3:h:axis:2420_network_camera:2.30:::::::*
	cpe:2.3:h:axis:2420_network_camera:2.31:::::::*
	cpe:2.3:h:axis:2420_network_camera:2.32:::::::*
	cpe:2.3:h:axis:2420_network_camera:2.33:::::::*
	cpe:2.3:h:axis:2420_network_camera:2.34:::::::*
	cpe:2.3:h:axis:2420_network_camera:2.40:::::::*
	cpe:2.3:h:axis:2420_network_camera:2.41:::::::*
	cpe:2.3:h:axis:2460_network_dvr:3.12:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/13145
http://securitytracker.com/id?1012157
http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en
http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf
http://www.posadis.org/advisories/pos_adv_006.txt
http://www.securityfocus.com/bid/11642
https://exchange.xforce.ibmcloud.com/vulnerabilities/17997

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-09-01T04:00:00

Updated: 2024-08-08T00:31:46.847Z

Reserved: 2004-08-17T00:00:00

Link: CVE-2004-0789

Vulnrichment

No data.

NVD

Status : Modified

Published: 2004-12-31T05:00:00.000

Modified: 2024-11-20T23:49:24.677

Link: CVE-2004-0789

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object