Vulnerabilities > CVE-2005-4794 - Remote Denial of Service vulnerability in Multiple Vendor DNS Message Decompression

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

cisco

NVD

Published: 2005-12-31

Updated: 2017-07-20

Summary

Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. Cisco has released advisory cisco-sn-20050524-dns to address this issue. Please see the referenced advisory for further information on obtaining fixes.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Application AND Content Networking Software * Cisco ATA 186 Cisco ATA 188 Cisco Subscriber Edge Services Manager *	4
Hardware	Cisco Cisco IP Phone 7902 * Cisco IP Phone 7905 * Cisco IP Phone 7912 * Cisco Unity Express *	4

Summary

Vulnerable Configurations

References