Vulnerabilities > CVE-2006-2072 - Denial Of Service vulnerability in DeleGate DNS Response
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite.
Vulnerable Configurations
Nessus
NASL family | Firewalls |
NASL id | DELEGATE_DNS.NASL |
description | The remote host is running Delegate, a multi-application proxy. The remote version of this software is vulnerable to a denial of service when processing invalid DNS responses. An attacker may exploit this flaw to disable this service remotely. To exploit this flaw, an attacker would need to be able to inject malformed DNS responses to the queries sent by the remote application. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21293 |
published | 2006-04-26 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/21293 |
title | DeleGate DNS Response Message DoS |
code |
|
References
- http://secunia.com/advisories/19750
- http://securitytracker.com/id?1015991
- http://www.kb.cert.org/vuls/id/955777
- http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en
- http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en
- http://www.securityfocus.com/bid/17691
- http://www.vupen.com/english/advisories/2006/1505
- http://www.vupen.com/english/advisories/2006/1506
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26081