QwikSec

Security Database

CVE

CWE

Training

CVE-2004-0789

Published: Sep 1, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

dns-localhost-dos(17997)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en

x_refsource_MISC

http://www.posadis.org/advisories/pos_adv_006.txt

x_refsource_CONFIRM

http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.