CVE DATABASE / CVE-2005-2301
CVE-2005-2301
CVSS 5 · MEDIUM
Summary
PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
CVSS 2.0 breakdown
| Base score | 5 (MEDIUM) |
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | NONE |
| Integrity | NONE |
| Availability | PARTIAL |
Affected products
Powerdns powerdns
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18
- http://marc.info/?l=bugtraq&m=112155941310297&w=2
- http://securitytracker.com/id?1014504
- http://www.novell.com/linux/security/advisories/2005_19_sr.html
- http://www.securityfocus.com/bid/14290
Data: NIST NVD. NVD last modified 2026-04-16. Always verify against the vendor advisory before acting.