Vulnerability Details : CVE-2009-0858
Potential exploit
The response_addname function in response.c in Daniel J. Bernstein djbdns 1.05 and earlier does not constrain offsets in the required manner, which allows remote attackers, with control over a third-party subdomain served by tinydns and axfrdns, to trigger DNS responses containing arbitrary records via crafted zone data for this subdomain.
Vulnerability category: Input validation
Products affected by CVE-2009-0858
- cpe:2.3:a:d.j.bernstein:djbdns:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-0858
2.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 89 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-0858
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:P |
8.6
|
4.9
|
NIST |
CWE ids for CVE-2009-0858
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0858
-
http://www.debian.org/security/2009/dsa-1831
[SECURITY] [DSA 1831-1] New djbdns packages fix privilege escalation
-
http://www.securityfocus.com/archive/1/501340/100/0/threaded
-
http://securityandthe.net/2009/03/05/security-issue-in-djbdns-confirmed/
4RaBet IndiaPatch
-
http://www.securityfocus.com/archive/1/501479/100/0/threaded
-
http://it.slashdot.org/article.pl?sid=09/03/05/2014249
Dan Bernstein Confirms Security Flaw In Djbdns - Slashdot
-
http://marc.info/?l=djbdns&m=123613000920446&w=2
'djbdns<=1.05 lets AXFRed subdomains overwrite domains' - MARC
-
http://www.securityfocus.com/bid/33937
Exploit
-
http://marc.info/?l=djbdns&m=123554945710038
'djbdns misformats some long response packets; patch and example' - MARC
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/49003
djbdns response packet spoofing CVE-2009-0858 Vulnerability Report
-
http://www.securityfocus.com/archive/1/501294/100/0/threaded
Jump to