Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
DNS:OVERFLOW:SIG-OVERFLOW |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop Packet |
Category |
DNS |
Keywords |
dns sig overflow |
Release Date |
2004/01/29 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
DNS: BIND SIG Overflow
This protocol anomaly is a TCP-based DNS transaction with a suspiciously small SIG resource record. Bind versions 8 to 8.3.3 are vulnerable to a heap overflow in the code that handles SIG resource records. Attackers can execute arbitrary code on the server.
Extended Description
It has been reported that DNS servers, running BIND with recursive DNS functionality enabled, are prone to a buffer overflow condition. An attacker-controlled authoritative DNS server may cause BIND to cache information into an internal database, when recursion is enabled. A buffer overflow vulnerability exists when the DNS server constructs a response to a client request for cached information. Exploitation of this issue could result in the execution of arbitrary attacker-supplied code with the privileges of the vulnerable BIND daemon. It should be noted that recursive DNS functionality is enabled by default.
Affected Products
- Apple mac_os_x 10.0.0
- Apple mac_os_x 10.1.0
- Apple mac_os_x 10.2.0
- Astaro security_linux 2.0.0 16
- Astaro security_linux 2.0.0 23
- Astaro security_linux 2.0.0 24
- Astaro security_linux 2.0.0 25
- Astaro security_linux 2.0.0 26
- Astaro security_linux 2.0.0 27
- Astaro security_linux 2.0.0 30
- Astaro security_linux 3.2.0 00
- Astaro security_linux 3.2.0 10
- Astaro security_linux 3.2.0 11
- Compaq tru64 4.0.0 f
- Compaq tru64 4.0.0 f PK6 (BL17)
- Compaq tru64 4.0.0 f PK7 (BL18)
- Compaq tru64 4.0.0 g
- Compaq tru64 4.0.0 g PK3 (BL17)
- Compaq tru64 5.0.0 a
- Compaq tru64 5.0.0 a PK3 (BL17)
- Compaq tru64 5.1.0
- Compaq tru64 5.1.0 a
- Compaq tru64 5.1.0 a PK1 (BL1)
- Compaq tru64 5.1.0 a PK2 (BL2)
- Compaq tru64 5.1.0 a PK3 (BL3)
- Compaq tru64 5.1.0 B
- Compaq tru64 5.1.0 b PK1 (BL1)
- Compaq tru64 5.1.0 PK3 (BL17)
- Compaq tru64 5.1.0 PK4 (BL18)
- Compaq tru64 5.1.0 PK5 (BL19)
- Freebsd freebsd 4.4.0
- Freebsd freebsd 4.5.0
- Freebsd freebsd 4.6.0
- Freebsd freebsd 4.7.0
- Hp hp-ux 10.10.0
- Hp hp-ux 10.20.0
- Hp hp-ux 10.24.0
- Hp hp-ux 11.0.0
- Hp hp-ux 11.0.0 4
- Hp hp-ux 11.11.0
- Hp hp-ux 11.22.0
- Isc bind 4.9.0
- Isc bind 4.9.10
- Isc bind 4.9.10 OW2
- Isc bind 4.9.3
- Isc bind 4.9.4
- Isc bind 4.9.5
- Isc bind 4.9.6
- Isc bind 4.9.7
- Isc bind 4.9.8
- Isc bind 4.9.9
- Isc bind 8.2.0
- Isc bind 8.2.1
- Isc bind 8.2.2
- Isc bind 8.2.3
- Isc bind 8.2.4
- Isc bind 8.2.5
- Isc bind 8.2.6
- Isc bind 8.3.0 .0
- Isc bind 8.3.1
- Isc bind 8.3.2
- Isc bind 8.3.3
- Openbsd openbsd 3.0
- Openbsd openbsd 3.1
- Openbsd openbsd 3.2
- Openwall openwall_gnu/*/linux (Owl)-Current
- Sco open_server 5.0.5
- Sco open_server 5.0.6
- Sco open_server 5.0.7
- Sgi irix 6.5.0
- Sgi irix 6.5.1
- Sgi irix 6.5.10
- Sgi irix 6.5.11
- Sgi irix 6.5.12
- Sgi irix 6.5.13
- Sgi irix 6.5.14
- Sgi irix 6.5.15
- Sgi irix 6.5.16
- Sgi irix 6.5.17
- Sgi irix 6.5.18
- Sgi irix 6.5.2
- Sgi irix 6.5.3
- Sgi irix 6.5.4
- Sgi irix 6.5.5
- Sgi irix 6.5.6
- Sgi irix 6.5.7
- Sgi irix 6.5.8
- Sgi irix 6.5.9
- Sun cobalt_raq_xtr
- Sun solaris 7.0
- Sun solaris 7.0_x86
- Sun solaris 8 Sparc
- Sun solaris 8 X86
- Sun solaris 9 Sparc
- Sun solaris 9 X86
References
- BugTraq: 6160
- CERT: CA-2002-31
- CVE: CVE-2002-1219