[Japanese]

JVNDB-2005-000343

DeleGate DNS Message Decompression Denial of Service Vulnerability

Overview

DNS implementation in DeleGate does not handle a compressed DNS packet properly, which could cause an infinite loop.

Note that some other DNS packet processing systems have the issues related to this vulnerability. For more information on those systems, please refer to NISCC-589088 (JVN) and NISCC Advisory 589088/NISCC/DNS (CPNI Advisory 00432).
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [NVD Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
Affected Products


DeleGate.org
  • DeleGate 8.10.2 and eariler

Impact

An attacker could cause a Denial of Service (DoS) on DeleGate and other certain DNS packet processing systems by feeding a malformed DNS message itno them.
Solution

Please refer to the 'Vendor Information' and 'References' section for appropriate remediation.
Vendor Information

DeleGate.org
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2005-0036
References

  1. JVN : NISCC-589088 (Japanese)
  2. National Vulnerability Database (NVD) : CVE-2005-0036
  3. NISCC Vulnerability Advisory : 589088/NISCC/DNS
  4. CPNI Vulnerability Advisory : 00432
  5. SecurityFocus : 13729
  6. FrSIRT Advisories : FrSIRT/ADV-2005-0610
Revision History

  • [2008/05/21]
      Web page published

Date Public2005/05/24
Date First Published2008/05/21
Date Last Updated2008/05/21