Lucene search

MitreCVE-2008-3208

HistoryJul 18, 2008 - 3:13 p.m.

CVE-2008-3208

2008-07-1815:13:00

CWE-20

mitre

web.nvd.nist.gov

cve-2008-3208

denial of service

dns reply packets

simple dns plus

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.107

Percentile

95.1%

JSON

Simple DNS Plus 4.1, 5.0, and possibly other versions before 5.1.101 allows remote attackers to cause a denial of service via multiple DNS reply packets.

Affected configurations

Nvd

Node

simplednssimple_dns_plusRange≤5.1.101

simplednssimple_dns_plusMatch4.1

simplednssimple_dns_plusMatch5.0

VendorProductVersionCPE
simplednssimple_dns_plus*cpe:2.3:a:simpledns:simple_dns_plus:*:*:*:*:*:*:*:*
simplednssimple_dns_plus4.1cpe:2.3:a:simpledns:simple_dns_plus:4.1:*:*:*:*:*:*:*
simplednssimple_dns_plus5.0cpe:2.3:a:simpledns:simple_dns_plus:5.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
simpledns	simple_dns_plus	*	cpe:2.3:a:simpledns:simple_dns_plus::::::::
simpledns	simple_dns_plus	4.1	cpe:2.3:a:simpledns:simple_dns_plus:4.1:::::::*
simpledns	simple_dns_plus	5.0	cpe:2.3:a:simpledns:simple_dns_plus:5.0:::::::*

References

securityreason.com/securityalert/4011

www.blackhat.org.il/index.php/simple-dns-plus-5041-remote-denial-of-service-exploit/

www.securityfocus.com/archive/1/494304/100/0/threaded

www.securityfocus.com/bid/30207

www.simpledns.com/kb.aspx?kbid=1246

exchange.xforce.ibmcloud.com/vulnerabilities/43767

www.exploit-db.com/exploits/6059

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.107

Percentile

95.1%

JSON

Related for CVE-2008-3208