Signature Detail

Short Name	DNS:OVERFLOW:TOO-LONG-TCP-MSG
Severity	High
Recommended	No
Recommended Action	Drop Packet
Category	DNS
Release Date	2003/04/22
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DNS: TCP Message Too Long Buffer Overflow

This protocol anomaly triggers when it detects a DNS TCP-based request/reply that exceeds the maximum length specified in the message header. This can indicate a buffer overflow or an exploit attempt.

Extended Description

The presence of a DNS packet with an anomalous data length might indicate a buffer overflow attack being attempted.

References

URL: http://www.faqs.org/rfcs/rfc1035.html

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Release Date

Update Number

Supported Platforms

DNS: TCP Message Too Long Buffer Overflow

Extended Description

References