Intrusion PreventionMultiple.Vendor.DNS.Message.Decompression.DoS
Description
Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients.
This issue arises when an affected application handles a specially crafted DNS message.
A successful attack would crash the affected client or server.
Affected Products
PowerDNS PowerDNS 2.9.16
PowerDNS PowerDNS 2.9.15
PowerDNS PowerDNS 2.8
PowerDNS PowerDNS 2.0 RC1
dnrd dnrd 2.10
dnrd dnrd 2.9
dnrd dnrd 2.8
dnrd dnrd 2.7
dnrd dnrd 2.6
DeleGate DeleGate 8.10.2
DeleGate DeleGate 8.10.1
DeleGate DeleGate 8.10
DeleGate DeleGate 8.9.6
DeleGate DeleGate 8.9.5
DeleGate DeleGate 8.9.4
DeleGate DeleGate 8.9.3
DeleGate DeleGate 8.9.2
Impact
Denial of service
Recommended Actions
The following versions are not affected by this issue; users are advised to upgrade:
- DeleGate 8.10.3 and subsequent versions.
- dnrd 2.18 and subsequent versions.
- PowerDNS 2.9.17.
Cisco has released advisory cisco-sn-20050524-dns to address this issue. Please see the referenced advisory for further information on obtaining fixes.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-05-16 | 14.615 | Sig Added |
| ID | 13461 |
| Created | Oct 19, 2006 |
| Updated | Nov 03, 2021 |
| Risk |
|
| CVE ID | CVE-2005-0036 |
| Exploit Prediction Score | 2.02% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, Solaris, Other |
| Affected App | Other |