CVE-2004-0789 - 漏洞详情

CVE-2004-0789 (CNNVD-200412-718)

MEDIUM

中文标题:

多个供应商DNS响应泛滥拒绝服务漏洞

英文标题:

Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Po...

CVSS分数: 5.0

发布时间: 2005-09-01 04:00:00

漏洞类型: 授权问题

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v3

漏洞描述

中文描述:

DNS协议的多种实现方式存在漏洞，包括：(1)如Posadis所使用的Poslib 1.0.2-1及其以前的版本，(2) 固件3.13以前版本中的AxisNetwork产品，和(3)Men & Mice Suite 2.2.3以前的2.2x版本和3.5.2以前的3.5.x版本，远程攻击者借助(a)具有本地主机的DNS查询包作为一个欺骗性的源地址或者(b)触发一个响应包的应答包，从而触发一个通讯环导致服务拒绝（CPU和网络带宽消耗）。

英文描述:

Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.

CWE类型:

（暂无数据）

受影响产品

厂商	产品	版本	版本范围	平台	CPE
delegate	delegate	7.7.0	-	-	`cpe:2.3:a:delegate:delegate:7.7.0:::::::*`
delegate	delegate	7.7.1	-	-	`cpe:2.3:a:delegate:delegate:7.7.1:::::::*`
delegate	delegate	7.8.0	-	-	`cpe:2.3:a:delegate:delegate:7.8.0:::::::*`
delegate	delegate	7.8.1	-	-	`cpe:2.3:a:delegate:delegate:7.8.1:::::::*`
delegate	delegate	7.8.2	-	-	`cpe:2.3:a:delegate:delegate:7.8.2:::::::*`
delegate	delegate	7.9.11	-	-	`cpe:2.3:a:delegate:delegate:7.9.11:::::::*`
delegate	delegate	8.3.3	-	-	`cpe:2.3:a:delegate:delegate:8.3.3:::::::*`
delegate	delegate	8.3.4	-	-	`cpe:2.3:a:delegate:delegate:8.3.4:::::::*`
delegate	delegate	8.4.0	-	-	`cpe:2.3:a:delegate:delegate:8.4.0:::::::*`
delegate	delegate	8.5.0	-	-	`cpe:2.3:a:delegate:delegate:8.5.0:::::::*`
delegate	delegate	8.9	-	-	`cpe:2.3:a:delegate:delegate:8.9:::::::*`
delegate	delegate	8.9.1	-	-	`cpe:2.3:a:delegate:delegate:8.9.1:::::::*`
delegate	delegate	8.9.2	-	-	`cpe:2.3:a:delegate:delegate:8.9.2:::::::*`
delegate	delegate	8.9.3	-	-	`cpe:2.3:a:delegate:delegate:8.9.3:::::::*`
delegate	delegate	8.9.4	-	-	`cpe:2.3:a:delegate:delegate:8.9.4:::::::*`
delegate	delegate	8.9.5	-	-	`cpe:2.3:a:delegate:delegate:8.9.5:::::::*`
dnrd	dnrd	1.0	-	-	`cpe:2.3:a:dnrd:dnrd:1.0:::::::*`
dnrd	dnrd	1.1	-	-	`cpe:2.3:a:dnrd:dnrd:1.1:::::::*`
dnrd	dnrd	1.2	-	-	`cpe:2.3:a:dnrd:dnrd:1.2:::::::*`
dnrd	dnrd	1.3	-	-	`cpe:2.3:a:dnrd:dnrd:1.3:::::::*`
dnrd	dnrd	1.4	-	-	`cpe:2.3:a:dnrd:dnrd:1.4:::::::*`
dnrd	dnrd	2.0	-	-	`cpe:2.3:a:dnrd:dnrd:2.0:::::::*`
dnrd	dnrd	2.1	-	-	`cpe:2.3:a:dnrd:dnrd:2.1:::::::*`
dnrd	dnrd	2.2	-	-	`cpe:2.3:a:dnrd:dnrd:2.2:::::::*`
dnrd	dnrd	2.3	-	-	`cpe:2.3:a:dnrd:dnrd:2.3:::::::*`
dnrd	dnrd	2.4	-	-	`cpe:2.3:a:dnrd:dnrd:2.4:::::::*`
dnrd	dnrd	2.5	-	-	`cpe:2.3:a:dnrd:dnrd:2.5:::::::*`
dnrd	dnrd	2.6	-	-	`cpe:2.3:a:dnrd:dnrd:2.6:::::::*`
dnrd	dnrd	2.7	-	-	`cpe:2.3:a:dnrd:dnrd:2.7:::::::*`
dnrd	dnrd	2.8	-	-	`cpe:2.3:a:dnrd:dnrd:2.8:::::::*`
dnrd	dnrd	2.9	-	-	`cpe:2.3:a:dnrd:dnrd:2.9:::::::*`
dnrd	dnrd	2.10	-	-	`cpe:2.3:a:dnrd:dnrd:2.10:::::::*`
don_moore	mydns	0.6	-	-	`cpe:2.3:a:don_moore:mydns:0.6:::::::*`
don_moore	mydns	0.7	-	-	`cpe:2.3:a:don_moore:mydns:0.7:::::::*`
don_moore	mydns	0.8	-	-	`cpe:2.3:a:don_moore:mydns:0.8:::::::*`
don_moore	mydns	0.9	-	-	`cpe:2.3:a:don_moore:mydns:0.9:::::::*`
don_moore	mydns	0.10.0	-	-	`cpe:2.3:a:don_moore:mydns:0.10.0:::::::*`
maradns	maradns	0.5.28	-	-	`cpe:2.3:a:maradns:maradns:0.5.28:::::::*`
maradns	maradns	0.5.29	-	-	`cpe:2.3:a:maradns:maradns:0.5.29:::::::*`
maradns	maradns	0.5.30	-	-	`cpe:2.3:a:maradns:maradns:0.5.30:::::::*`
maradns	maradns	0.5.31	-	-	`cpe:2.3:a:maradns:maradns:0.5.31:::::::*`
maradns	maradns	0.8.05	-	-	`cpe:2.3:a:maradns:maradns:0.8.05:::::::*`
pliant	pliant_dns_server	*	-	-	`cpe:2.3:a:pliant:pliant_dns_server::::::::`
posadis	posadis	0.50.4	-	-	`cpe:2.3:a:posadis:posadis:0.50.4:::::::*`
posadis	posadis	0.50.5	-	-	`cpe:2.3:a:posadis:posadis:0.50.5:::::::*`
posadis	posadis	0.50.6	-	-	`cpe:2.3:a:posadis:posadis:0.50.6:::::::*`
posadis	posadis	0.50.7	-	-	`cpe:2.3:a:posadis:posadis:0.50.7:::::::*`
posadis	posadis	0.50.8	-	-	`cpe:2.3:a:posadis:posadis:0.50.8:::::::*`
posadis	posadis	0.50.9	-	-	`cpe:2.3:a:posadis:posadis:0.50.9:::::::*`
posadis	posadis	0.60.0	-	-	`cpe:2.3:a:posadis:posadis:0.60.0:::::::*`
posadis	posadis	0.60.1	-	-	`cpe:2.3:a:posadis:posadis:0.60.1:::::::*`
posadis	posadis	m5pre1	-	-	`cpe:2.3:a:posadis:posadis:m5pre1:::::::*`
posadis	posadis	m5pre2	-	-	`cpe:2.3:a:posadis:posadis:m5pre2:::::::*`
qbik	wingate	3.0	-	-	`cpe:2.3:a:qbik:wingate:3.0:::::::*`
qbik	wingate	4.0.1	-	-	`cpe:2.3:a:qbik:wingate:4.0.1:::::::*`
qbik	wingate	4.1_beta_a	-	-	`cpe:2.3:a:qbik:wingate:4.1_beta_a:::::::*`
qbik	wingate	6.0	-	-	`cpe:2.3:a:qbik:wingate:6.0:::::::*`
qbik	wingate	6.0.1_build_993	-	-	`cpe:2.3:a:qbik:wingate:6.0.1_build_993:::::::*`
qbik	wingate	6.0.1_build_995	-	-	`cpe:2.3:a:qbik:wingate:6.0.1_build_995:::::::*`
team_johnlong	raidendnsd	*	-	-	`cpe:2.3:a:team_johnlong:raidendnsd::::::::`
axis	2100_network_camera	2.0	-	-	`cpe:2.3:h:axis:2100_network_camera:2.0:::::::*`
axis	2100_network_camera	2.01	-	-	`cpe:2.3:h:axis:2100_network_camera:2.01:::::::*`
axis	2100_network_camera	2.02	-	-	`cpe:2.3:h:axis:2100_network_camera:2.02:::::::*`
axis	2100_network_camera	2.03	-	-	`cpe:2.3:h:axis:2100_network_camera:2.03:::::::*`
axis	2100_network_camera	2.12	-	-	`cpe:2.3:h:axis:2100_network_camera:2.12:::::::*`
axis	2100_network_camera	2.30	-	-	`cpe:2.3:h:axis:2100_network_camera:2.30:::::::*`
axis	2100_network_camera	2.31	-	-	`cpe:2.3:h:axis:2100_network_camera:2.31:::::::*`
axis	2100_network_camera	2.32	-	-	`cpe:2.3:h:axis:2100_network_camera:2.32:::::::*`
axis	2100_network_camera	2.33	-	-	`cpe:2.3:h:axis:2100_network_camera:2.33:::::::*`
axis	2100_network_camera	2.34	-	-	`cpe:2.3:h:axis:2100_network_camera:2.34:::::::*`
axis	2100_network_camera	2.40	-	-	`cpe:2.3:h:axis:2100_network_camera:2.40:::::::*`
axis	2100_network_camera	2.41	-	-	`cpe:2.3:h:axis:2100_network_camera:2.41:::::::*`
axis	2110_network_camera	2.12	-	-	`cpe:2.3:h:axis:2110_network_camera:2.12:::::::*`
axis	2110_network_camera	2.30	-	-	`cpe:2.3:h:axis:2110_network_camera:2.30:::::::*`
axis	2110_network_camera	2.31	-	-	`cpe:2.3:h:axis:2110_network_camera:2.31:::::::*`
axis	2110_network_camera	2.32	-	-	`cpe:2.3:h:axis:2110_network_camera:2.32:::::::*`
axis	2110_network_camera	2.34	-	-	`cpe:2.3:h:axis:2110_network_camera:2.34:::::::*`
axis	2110_network_camera	2.40	-	-	`cpe:2.3:h:axis:2110_network_camera:2.40:::::::*`
axis	2110_network_camera	2.41	-	-	`cpe:2.3:h:axis:2110_network_camera:2.41:::::::*`
axis	2120_network_camera	2.12	-	-	`cpe:2.3:h:axis:2120_network_camera:2.12:::::::*`
axis	2120_network_camera	2.30	-	-	`cpe:2.3:h:axis:2120_network_camera:2.30:::::::*`
axis	2120_network_camera	2.31	-	-	`cpe:2.3:h:axis:2120_network_camera:2.31:::::::*`
axis	2120_network_camera	2.32	-	-	`cpe:2.3:h:axis:2120_network_camera:2.32:::::::*`
axis	2120_network_camera	2.34	-	-	`cpe:2.3:h:axis:2120_network_camera:2.34:::::::*`
axis	2120_network_camera	2.40	-	-	`cpe:2.3:h:axis:2120_network_camera:2.40:::::::*`
axis	2120_network_camera	2.41	-	-	`cpe:2.3:h:axis:2120_network_camera:2.41:::::::*`
axis	2400_video_server	3.11	-	-	`cpe:2.3:h:axis:2400_video_server:3.11:::::::*`
axis	2400_video_server	3.12	-	-	`cpe:2.3:h:axis:2400_video_server:3.12:::::::*`
axis	2401_video_server	3.12	-	-	`cpe:2.3:h:axis:2401_video_server:3.12:::::::*`
axis	2420_network_camera	2.12	-	-	`cpe:2.3:h:axis:2420_network_camera:2.12:::::::*`
axis	2420_network_camera	2.30	-	-	`cpe:2.3:h:axis:2420_network_camera:2.30:::::::*`
axis	2420_network_camera	2.31	-	-	`cpe:2.3:h:axis:2420_network_camera:2.31:::::::*`
axis	2420_network_camera	2.32	-	-	`cpe:2.3:h:axis:2420_network_camera:2.32:::::::*`
axis	2420_network_camera	2.33	-	-	`cpe:2.3:h:axis:2420_network_camera:2.33:::::::*`
axis	2420_network_camera	2.34	-	-	`cpe:2.3:h:axis:2420_network_camera:2.34:::::::*`
axis	2420_network_camera	2.40	-	-	`cpe:2.3:h:axis:2420_network_camera:2.40:::::::*`
axis	2420_network_camera	2.41	-	-	`cpe:2.3:h:axis:2420_network_camera:2.41:::::::*`
axis	2460_network_dvr	3.12	-	-	`cpe:2.3:h:axis:2460_network_dvr:3.12:::::::*`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

13145 third-party-advisory
cve.org

访问

dns-localhost-dos(17997) vdb-entry
cve.org

访问

1012157 vdb-entry
cve.org

访问

11642 vdb-entry
cve.org

访问

无标题 x_refsource_MISC
cve.org

访问

无标题 x_refsource_CONFIRM
cve.org

访问

无标题 x_refsource_MISC
cve.org

访问

CVSS评分详情

5.0

MEDIUM

CVSS向量: AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS版本: 2.0

机密性

NONE

完整性

NONE

可用性

PARTIAL

时间信息

发布时间:

2005-09-01 04:00:00

修改时间:

2024-08-08 00:31:46

创建时间:

2025-11-11 15:32:21

更新时间:

2025-11-11 15:48:56

利用信息

暂无可利用代码信息

数据源详情

数据源	记录ID	版本	提取时间
CVE	`cve_CVE-2004-0789`	2025-11-11 15:17:29	2025-11-11 07:32:21
NVD	`nvd_CVE-2004-0789`	2025-11-11 14:50:55	2025-11-11 07:41:07
CNNVD	`cnnvd_CNNVD-200412-718`	2025-11-11 15:08:45	2025-11-11 07:48:56

版本与语言

当前版本: v3

主要语言: EN

支持语言:

EN ZH

安全公告

暂无安全公告信息

变更历史

v3 CNNVD

2025-11-11 15:48:56

vulnerability_type: 未提取 → 授权问题; cnnvd_id: 未提取 → CNNVD-200412-718; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']

查看详细变更

vulnerability_type: 未提取 -> 授权问题
cnnvd_id: 未提取 -> CNNVD-200412-718
data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']

v2 NVD

2025-11-11 15:41:07

cvss_score: 未提取 → 5.0; cvss_vector: NOT_EXTRACTED → AV:N/AC:L/Au:N/C:N/I:N/A:P; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 98; data_sources: ['cve'] → ['cve', 'nvd']

查看详细变更

cvss_score: 未提取 -> 5.0
cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss_version: NOT_EXTRACTED -> 2.0
affected_products_count: 0 -> 98
data_sources: ['cve'] -> ['cve', 'nvd']

CVE-2004-0789 (CNNVD-200412-718)

中文标题:

多个供应商DNS响应泛滥拒绝服务漏洞

英文标题:

Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Po...

漏洞描述

中文描述:

英文描述:

CWE类型:

标签:

受影响产品

解决方案

中文解决方案:

英文解决方案:

临时解决方案:

参考链接

CVSS评分详情

时间信息

利用信息

数据源详情

版本与语言

安全公告

变更历史