Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 DNS:OVERFLOW:OPT-DOS

Severity

 Critical

Recommended

 No

Recommended Action

 Drop Packet

Category

 DNS

Keywords

 dns opt dos

Release Date

 2004/01/29

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

DNS: BIND OPT DoS


This protocol anomaly detects a suspiciously long OPT resource record. All versions of BIND up to version 8.3.3 are vulnerable to a denial-of-service attack. Using an OPT resource record that has a very large UDP payload size; an attacker, by requesting a subdomain that does not exist, can crash the server.

Extended Description

ISC BIND is vulnerable to a denial of service attack. When a DNS lookup is requested on a non-existant sub-domain of a valid domain and an OPT resource record with a large UDP payload is attached, the server may fail.

Affected Products

  • Astaro security_linux 2.0.0 16
  • Astaro security_linux 2.0.0 23
  • Astaro security_linux 2.0.0 24
  • Astaro security_linux 2.0.0 25
  • Astaro security_linux 2.0.0 26
  • Astaro security_linux 2.0.0 27
  • Astaro security_linux 2.0.0 30
  • Astaro security_linux 3.2.0 00
  • Astaro security_linux 3.2.0 10
  • Astaro security_linux 3.2.0 11
  • Compaq tru64 4.0.0 f
  • Compaq tru64 4.0.0 f PK6 (BL17)
  • Compaq tru64 4.0.0 f PK7 (BL18)
  • Compaq tru64 4.0.0 g
  • Compaq tru64 4.0.0 g PK3 (BL17)
  • Compaq tru64 5.0.0 a
  • Compaq tru64 5.0.0 a PK3 (BL17)
  • Compaq tru64 5.1.0
  • Compaq tru64 5.1.0 a
  • Compaq tru64 5.1.0 a PK1 (BL1)
  • Compaq tru64 5.1.0 a PK2 (BL2)
  • Compaq tru64 5.1.0 a PK3 (BL3)
  • Compaq tru64 5.1.0 B
  • Compaq tru64 5.1.0 b PK1 (BL1)
  • Compaq tru64 5.1.0 PK3 (BL17)
  • Compaq tru64 5.1.0 PK4 (BL18)
  • Compaq tru64 5.1.0 PK5 (BL19)
  • Freebsd freebsd 4.4.0
  • Freebsd freebsd 4.5.0
  • Freebsd freebsd 4.6.0
  • Freebsd freebsd 4.7.0
  • Hp hp-ux 10.10.0
  • Hp hp-ux 10.20.0
  • Hp hp-ux 10.24.0
  • Hp hp-ux 11.0.0
  • Hp hp-ux 11.0.0 4
  • Hp hp-ux 11.11.0
  • Hp hp-ux 11.22.0
  • Isc bind 8.3.0 .0
  • Isc bind 8.3.1
  • Isc bind 8.3.2
  • Isc bind 8.3.3
  • Openbsd openbsd 3.0
  • Openbsd openbsd 3.1
  • Openbsd openbsd 3.2
  • Sco open_server 5.0.5
  • Sco open_server 5.0.6
  • Sco open_server 5.0.7
  • Sun cobalt_raq_xtr
  • Sun solaris 9 Sparc

References

  • BugTraq: 6161
  • CVE: CVE-2002-1220
  • URL: http://www.isc.org/products/BIND/bind-security.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out