CVE-2005-2301

PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:powerdns:powerdns:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.3a:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.5:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.6:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.7:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.8:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.10:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.11:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.12:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.13:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.14:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.15:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.16:*:*:*:*:*:*:*
cpe:2.3:a:powerdns:powerdns:2.9.17:*:*:*:*:*:*:*

History

20 Nov 2024, 23:59

Type Values Removed Values Added
References () http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18 - () http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18 -
References () http://marc.info/?l=bugtraq&m=112155941310297&w=2 - () http://marc.info/?l=bugtraq&m=112155941310297&w=2 -
References () http://securitytracker.com/id?1014504 - () http://securitytracker.com/id?1014504 -
References () http://www.novell.com/linux/security/advisories/2005_19_sr.html - () http://www.novell.com/linux/security/advisories/2005_19_sr.html -
References () http://www.securityfocus.com/bid/14290 - () http://www.securityfocus.com/bid/14290 -

Information

Published : 2005-07-19 04:00

Updated : 2024-11-20 23:59


NVD link : CVE-2005-2301

Mitre link : CVE-2005-2301

CVE.ORG link : CVE-2005-2301


JSON object : View

Products Affected

powerdns

  • powerdns