Short Name |
DNS:EXPLOIT:BIND-ADDSOA |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
DNS |
Keywords |
ISC BIND query_addsoa Denial of Service |
Release Date |
2010/10/07 |
Update Number |
1787 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against ISC BIND. A successful attack can lead to arbitrary code execution.
ISC BIND is prone to a denial-of-service vulnerability because it fails to handle certain sequences of malicious queries. NOTE: Only applications configured with the 'recursion' directive/attribute enabled are vulnerable to this issue. An attacker can exploit this issue to cause the application to exit, denying service to legitimate users. ISC BIND 9.40, 9.5.0a1, 9.5.0a2, and 9.5.0a3 are vulnerable.