Sign-up

ID

VAR-200704-0125


CVE

CVE-2007-1866


TITLE

dproxy-nexgen of dns_decode_reverse_name Stack-based buffer overflow vulnerability in functions

Trust: 0.8

sources: JVNDB: JVNDB-2004-000631

DESCRIPTION

Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen allows remote attackers to execute arbitrary code by sending a crafted packet to port 53/udp, a different issue than CVE-2007-1465. dproxy-nexgen of dns_decode.c of dns_decode_reverse_name The function contains a stack-based buffer overflow vulnerability. Dproxy is a small cached DNS server. Dproxy is prone to a remote buffer-overflow vulnerability because it fails to properly check boundaries on user-supplied data before copying it to an insufficiently sized buffer. Exploiting this issue could lead to denial-of-service conditions and to the execution of arbitrary machine code with superuser privileges. A successful attack could result in the complete compromise of affected computers or routers/devices. Version 1.c is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed. http://corporate.secunia.com/trial/38/request/ ---------------------------------------------------------------------- TITLE: dproxy-nexgen "dns_decode_reverse_name" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA24688 VERIFY ADVISORY: http://secunia.com/advisories/24688/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From local network SOFTWARE: dproxy-nexgen http://secunia.com/product/13834/ DESCRIPTION: mu-b has discovered a vulnerability in dproxy-nexgen, which can be exploited by malicious people to compromise a vulnerable system. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in the latest available version (2007-04-02). SOLUTION: Use the software only in a trusted network environment. PROVIDED AND/OR DISCOVERED BY: mu-b ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053289.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.52

sources: NVD: CVE-2007-1866 // JVNDB: JVNDB-2004-000631 // CNVD: CNVD-2007-2183 // BID: 23243 // PACKETSTORM: 55614

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2007-2183

AFFECTED PRODUCTS

vendor:dproxymodel:dproxyscope:eqversion:nexgen

Trust: 2.4

vendor:nomodel: - scope: - version: -

Trust: 0.6

vendor:matthewmodel:pratt dproxy-nexgen 1.cscope: - version: -

Trust: 0.3

vendor:matthewmodel:pratt dproxyscope:eqversion:0.5

Trust: 0.3

vendor:matthewmodel:pratt dproxyscope:eqversion:0.4

Trust: 0.3

vendor:matthewmodel:pratt dproxyscope:eqversion:0.3

Trust: 0.3

vendor:matthewmodel:pratt dproxyscope:eqversion:0.2

Trust: 0.3

vendor:matthewmodel:pratt dproxyscope:eqversion:0.1

Trust: 0.3

sources: CNVD: CNVD-2007-2183 // BID: 23243 // JVNDB: JVNDB-2004-000631 // CNNVD: CNNVD-200704-072 // NVD: CVE-2007-1866

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-1866
value: HIGH

Trust: 1.0

NVD: CVE-2007-1866
value: HIGH

Trust: 0.8

CNVD: CNVD-2007-2183
value: HIGH

Trust: 0.6

CNNVD: CNNVD-200704-072
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2007-1866
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2007-2183
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2007-2183 // JVNDB: JVNDB-2004-000631 // CNNVD: CNNVD-200704-072 // NVD: CVE-2007-1866

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-1866

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200704-072

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200704-072

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2004-000631

PATCH
title:Revision 1.10url:http://dproxy.cvs.sourceforge.net/dproxy/dproxy-nexgen/dns_decode.c?revision=1.10&view=markup
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2004-000631

EXTERNAL IDS
db:NVDid:CVE-2007-1866
Trust: 2.4
db:SECUNIAid:24688
Trust: 2.3
db:VUPENid:ADV-2007-1194
Trust: 1.6
db:SREASONid:2518
Trust: 1.6
db:BIDid:23243
Trust: 0.9
db:JVNDBid:JVNDB-2004-000631
Trust: 0.8
db:CNVDid:CNVD-2007-2183
Trust: 0.6
db:FULLDISCid:20070331 RE: DPROXY-NEXGEN REMOTE
Trust: 0.6
db:FULLDISCid:20070331 DPROXY-NEXGEN REMOTE
Trust: 0.6
db:CNNVDid:CNNVD-200704-072
Trust: 0.6
db:PACKETSTORMid:55614
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2007-2183 // 
            
            
            
            BID: 23243 // 
            
            
            
            JVNDB: JVNDB-2004-000631 // 
            
            
            
            PACKETSTORM: 55614 // 
            
            
            
            CNNVD: CNNVD-200704-072 // 
            
            
            
            NVD: CVE-2007-1866

REFERENCES
url:http://lists.grok.org.uk/pipermail/full-disclosure/2007-march/053289.html
Trust: 1.7
url:http://secunia.com/advisories/24688
Trust: 1.6
url:http://lists.grok.org.uk/pipermail/full-disclosure/2007-march/053302.html
Trust: 1.6
url:http://dproxy.cvs.sourceforge.net/dproxy/dproxy-nexgen/dns_decode.c?revision=1.10&view=markup
Trust: 1.6
url:http://securityreason.com/securityalert/2518
Trust: 1.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/33753
Trust: 1.0
url:http://www.vupen.com/english/advisories/2007/1194
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-1866
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-1866
Trust: 0.8
url:http://secunia.com/advisories/24688/
Trust: 0.7
url:http://www.frsirt.com/english/advisories/2007/1194
Trust: 0.6
url:http://dproxy.sourceforge.net/
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://corporate.secunia.com/trial/38/request/
Trust: 0.1
url:http://secunia.com/product/13834/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2007-2183 // 
            
            
            
            BID: 23243 // 
            
            
            
            JVNDB: JVNDB-2004-000631 // 
            
            
            
            PACKETSTORM: 55614 // 
            
            
            
            CNNVD: CNNVD-200704-072 // 
            
            
            
            NVD: CVE-2007-1866

CREDITS
mu-b discovered this issue.
Trust: 0.3
sources:
            
            
            BID: 23243

SOURCES
db:CNVDid:CNVD-2007-2183
db:BIDid:23243
db:JVNDBid:JVNDB-2004-000631
db:PACKETSTORMid:55614
db:CNNVDid:CNNVD-200704-072
db:NVDid:CVE-2007-1866

LAST UPDATE DATE
2025-04-10T23:13:19.292000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2007-2183date:2014-01-24T00:00:00
db:BIDid:23243date:2007-04-02T22:22:00
db:JVNDBid:JVNDB-2004-000631date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200704-072date:2007-04-06T00:00:00
db:NVDid:CVE-2007-1866date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:CNVDid:CNVD-2007-2183date:2007-03-23T00:00:00
db:BIDid:23243date:2007-03-23T00:00:00
db:JVNDBid:JVNDB-2004-000631date:2012-06-26T00:00:00
db:PACKETSTORMid:55614date:2007-04-05T02:08:29
db:CNNVDid:CNNVD-200704-072date:2007-04-04T00:00:00
db:NVDid:CVE-2007-1866date:2007-04-04T16:19:00