Short Name |
DNS:SYMANTEC-DNS-RESPONSE-DOS |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
DNS |
Keywords |
Symantec DNS Response DOS |
Release Date |
2013/07/08 |
Update Number |
2280 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability within multiple Symantec client security products. A successful attack can result in a denial-of-service condition. An attacker can craft a DNS packet that can cause the Symantec security products to enter an infinite loop, allowing an attacker to disable all access to the host running the vulnerable product. The victim will need to reboot the server for the system to be usable again.
Various Symantec Client Firewall products are prone to a remote denial-of-service vulnerability because the applications fail to properly handle DNS response packets.