Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 DNS:EXPLOIT:BIND-ADDSOA

Severity

 Medium

Recommended

 No

Recommended Action

 Drop

Category

 DNS

Keywords

 ISC BIND query_addsoa Denial of Service

Release Date

 2010/10/07

Update Number

 1787

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DNS: ISC BIND query_addsoa Denial of Service


This signature detects attempts to exploit a known vulnerability against ISC BIND. A successful attack can lead to arbitrary code execution.

Extended Description

ISC BIND is prone to a denial-of-service vulnerability because it fails to handle certain sequences of malicious queries. NOTE: Only applications configured with the 'recursion' directive/attribute enabled are vulnerable to this issue. An attacker can exploit this issue to cause the application to exit, denying service to legitimate users. ISC BIND 9.40, 9.5.0a1, 9.5.0a2, and 9.5.0a3 are vulnerable.

Affected Products

  • ISC BIND 9.4.0
  • ISC BIND 9.5.0A1
  • ISC BIND 9.5.0A2
  • ISC BIND 9.5.0A3
  • Mandriva Linux Mandrake 2007.1
  • Mandriva Linux Mandrake 2007.1 X86 64
  • OpenPKG Current
  • OpenPKG E1.0-Solid
  • OpenPKG Stable
  • Red Hat Fedora 7

References

  • BugTraq: 23738
  • CVE: CVE-2007-2241

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out