CVE-2019-25591
Received - Intake
Buffer Overflow in DNSS 2.1.8 Causes Local Denial of Service

Publication date: 2026-03-22

Last updated on: 2026-03-22

Assigner: VulnCheck

Description
DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can trigger a denial of service by pasting a malicious registration code containing 300 repeated characters into the Name/Key field via the Register menu option.
Meta Information
Published: 2026-03-22
Last Modified: 2026-03-22
Generated: 2026-05-07
AI Q&A: 2026-03-22
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
nsauditor dnss 2.1.8
nsauditor dnss to 2.1.8 (exc)
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2019-25591 is a buffer overflow vulnerability in DNSS Domain Name Search Software version 2.1.8. It occurs in the registration code input field, where the software does not properly handle an excessively long input string. A local attacker can exploit this by submitting a malicious registration code consisting of 300 repeated characters into the Name/Key field via the Register menu option.

This improper input handling causes the application to crash, resulting in a denial of service (DoS). The vulnerability requires local access and no special privileges or user interaction beyond pasting the malicious string.


How can this vulnerability impact me?

This vulnerability can impact you by causing the DNSS application to crash when a maliciously crafted registration code is submitted. This leads to a denial of service (DoS), making the software unavailable or unstable.

Since the vulnerability requires local access, an attacker with access to the system can disrupt the normal operation of the DNSS software by triggering this crash.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability is triggered locally by submitting an excessively long string (300 repeated characters) into the registration code input field of the DNSS application. Detection involves verifying if the DNSS software version 2.1.8 or earlier is installed and testing the application's behavior when pasting a long string into the Name/Key field.

There are no specific network detection commands since the vulnerability requires local interaction and does not involve network vectors.

To test the vulnerability manually, you can perform the following steps:

  • Create a text file containing 300 repeated characters (e.g., the letter 'A').
  • Copy the contents of this file to the clipboard.
  • Launch the DNSS application.
  • Navigate to Register > Enter Registration Code...
  • Paste the clipboard content into the Name/Key field and click OK.

If the application crashes, it indicates the presence of the vulnerability.


What immediate steps should I take to mitigate this vulnerability?

Since the vulnerability requires local access and is triggered by pasting an excessively long registration code string, immediate mitigation steps include:

  • Restrict local access to the DNSS application to trusted users only.
  • Avoid pasting or entering unusually long strings (300 or more repeated characters) into the registration code input field.
  • Monitor and educate users about the risk of pasting suspicious or malformed input into the application.

Additionally, check for any available software updates or patches from the vendor that address this buffer overflow vulnerability and apply them as soon as possible.

