CVE-2008-4194

Name: CVE-2008-4194
Creator: NVD / NIST
Published: 2008-09-24T11:42:25.327+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 6.93%

Last modified Jun 16, 2026

CVE-2008-4194 is a vulnerability of currently unknown severity. The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug.". EPSS estimates a 6.93% chance of exploitation in the next 30 days.

Description

The p_exec_query function in src/dns_query.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service (daemon crash) via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."

Metrics

EPSS Probability

6.93%

93.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-399

Affected Software

Vendor	Product	Versions
Pdnsd	Pdnsd	<= 1.2.6-par
Pdnsd	Pdnsd	1.1.7
Pdnsd	Pdnsd	1.1.7a
Pdnsd	Pdnsd	1.1.8b1-par4
Pdnsd	Pdnsd	1.1.8b1-par5
Pdnsd	Pdnsd	1.1.8b1-par6
Pdnsd	Pdnsd	1.1.8b1-par7
Pdnsd	Pdnsd	1.1.8b1-par8
Pdnsd	Pdnsd	1.1.9-par
Pdnsd	Pdnsd	1.1.10-par
Pdnsd	Pdnsd	1.1.11-par
Pdnsd	Pdnsd	1.1.11a-par
Pdnsd	Pdnsd	1.2-par
Pdnsd	Pdnsd	1.2.1_par
Pdnsd	Pdnsd	1.2.4-par
Pdnsd	Pdnsd	1.2.5-par

References

Timeline

Published: Sep 24, 2008
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2008-4194?

How severe is CVE-2008-4194?

Severity scoring for CVE-2008-4194 is pending analysis. The EPSS model estimates a 6.93% probability of exploitation in the next 30 days.

How do I fix CVE-2008-4194?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-4194?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST