VDB
CVE-2008-4194
CVE-2008-4194
PUBLISHED
CVSS 5 MEDIUM
The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."
EPSS 11.66% · 93.8th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
11.66%
93.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| pdnsd | pdnsd | 1.1.10-par, 0, 1.1.7 |
| n/a | n/a | n/a |
Exploit Intelligence
- CIRCL confirmed: CVE-2008-4194 (circl-sighting)
- CIRCL confirmed: CVE-2008-4194 (circl-sighting)
- CIRCL confirmed: CVE-2008-4194 (circl-sighting)
- http://www.phys.uu.nl/~rombouts/pdnsd.html (circl)
- http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog (circl)
- pdnsd-pexecquery-dos(45594) (circl)
- ADV-2008-2582 (circl)
Timeline
- Jul 23, 2008 PoC Published
- Jul 24, 2008 PoC Published
- Jul 25, 2008 PoC Published
- Sep 24, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score