Vulnerability Description
Kerio WinRoute Firewall before 6.0.9 uses information from PTR queries in response to A queries, which allows remote attackers to poison the DNS cache or cause a denial of service (connection loss).
CVSS Score
6.4
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kerio | Winroute Firewall | 6.0 |
References
- http://secunia.com/advisories/13374Patch
- http://www.kerio.com/security_advisory.htmlVendor Advisory
- http://www.osvdb.org/12293
- http://www.osvdb.org/12294
- http://www.securityfocus.com/bid/11870
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18410
- http://secunia.com/advisories/13374Patch
- http://www.kerio.com/security_advisory.htmlVendor Advisory
- http://www.osvdb.org/12293
- http://www.osvdb.org/12294
- http://www.securityfocus.com/bid/11870
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18410
FAQ
What is CVE-2004-2483?
CVE-2004-2483 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Kerio WinRoute Firewall before 6.0.9 uses information from PTR queries in response to A queries, which allows remote attackers to poison the DNS cache or cause a denial of service (connection loss).
How severe is CVE-2004-2483?
CVE-2004-2483 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2483?
Check the references section above for vendor advisories and patch information. Affected products include: Kerio Winroute Firewall.