CVE-2005-2301 : PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote at

PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.

Published 2005-07-19 04:00:00

Updated 2016-10-18 03:26:17

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Threat overview for CVE-2005-2301

Top countries where our scanners detected CVE-2005-2301

Top open port discovered on systems with this issue 53

IPs affected by CVE-2005-2301 20

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2005-2301!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2005-2301

Probability of exploitation activity in the next 30 days: 1.69%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 86 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-2301

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2005-2301

Products affected by CVE-2005-2301

Powerdns » Powerdns » Version: 2.9.11
cpe:2.3:a:powerdns:powerdns:2.9.11:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.12
cpe:2.3:a:powerdns:powerdns:2.9.12:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.13
cpe:2.3:a:powerdns:powerdns:2.9.13:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.14
cpe:2.3:a:powerdns:powerdns:2.9.14:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.0
cpe:2.3:a:powerdns:powerdns:2.9.0:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.10
cpe:2.3:a:powerdns:powerdns:2.9.10:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.15
cpe:2.3:a:powerdns:powerdns:2.9.15:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.3a
cpe:2.3:a:powerdns:powerdns:2.9.3a:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.5
cpe:2.3:a:powerdns:powerdns:2.9.5:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.6
cpe:2.3:a:powerdns:powerdns:2.9.6:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.7
cpe:2.3:a:powerdns:powerdns:2.9.7:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.8
cpe:2.3:a:powerdns:powerdns:2.9.8:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.1
cpe:2.3:a:powerdns:powerdns:2.9.1:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.2
cpe:2.3:a:powerdns:powerdns:2.9.2:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.4
cpe:2.3:a:powerdns:powerdns:2.9.4:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.17
cpe:2.3:a:powerdns:powerdns:2.9.17:*:*:*:*:*:*:*
Matching versions
Powerdns » Powerdns » Version: 2.9.16
cpe:2.3:a:powerdns:powerdns:2.9.16:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2005-2301

Threat overview for CVE-2005-2301

Exploit prediction scoring system (EPSS) score for CVE-2005-2301

CVSS scores for CVE-2005-2301

References for CVE-2005-2301

Products affected by CVE-2005-2301