Signature Detail
Short Name |
DNS:QUERY:BIND-IQUERY-BO |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
DNS |
Keywords |
BIND iquery Buffer Overflow |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DNS: BIND iquery Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Internet Software Consortium (ISC) BIND, a nameserver daemon. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
A buffer overflow exists in certain versions of BIND, the nameserver daemon currently maintained by the Internet Software Consortium (ISC). BIND fails to properly bound the data recieved when processing an inverse query. Upon a memory copy, portions of the program can be overwritten, and arbitrary commands run on the affected host. Exploits for this vulnerability are very widespread, and were posted to the Bugtraq mailing list.
Affected Products
- BSD BSD/OS 2.0.0
- BSD BSD/OS 2.0.1
- BSD BSD/OS 2.1.0
- Caldera OpenLinux Standard 1.0.0
- Data General DG/UX 5.4 3.0.0
- Data General DG/UX 5.4 3.1.0
- Data General DG/UX 5.4 4.1.0
- Data General DG/UX 5.4 4.11.0
- IBM AIX 4.1.0
- IBM AIX 4.1.1
- IBM AIX 4.1.2
- IBM AIX 4.1.3
- IBM AIX 4.1.4
- IBM AIX 4.1.5
- IBM AIX 4.2.0
- IBM AIX 4.2.1
- IBM AIX 4.3.0
- ISC BIND 4.9.6
- ISC BIND 8.1.0
- ISC BIND 8.1.1
- NEC UX/4800 (64)
- NetBSD 1.0.0
- NetBSD 1.1.0
- NetBSD 1.2.0
- NetBSD 1.2.1
- NetBSD 1.3.0
- NetBSD 1.3.1
- Red Hat Linux 4.0.0
- Red Hat Linux 4.1.0
- Red Hat Linux 4.2.0
- Red Hat Linux 5.0.0
- SCO Open Desktop 3.0.0
- SCO Open Server 5.0.0
- SCO Unixware 2.1.0
- SCO Unixware 7.0.0
- SGI IRIX 3.2.0
- SGI IRIX 3.3.0
- SGI IRIX 3.3.1
- SGI IRIX 3.3.2
- SGI IRIX 3.3.3
- SGI IRIX 4.0.0
- SGI IRIX 4.0.1
- SGI IRIX 4.0.1 T
- SGI IRIX 4.0.2
- SGI IRIX 4.0.3
- SGI IRIX 4.0.4
- SGI IRIX 4.0.4 B
- SGI IRIX 4.0.4 T
- SGI IRIX 4.0.5
- SGI IRIX 4.0.5 A
- SGI IRIX 4.0.5 D
- SGI IRIX 4.0.5 E
- SGI IRIX 4.0.5 F
- SGI IRIX 4.0.5 G
- SGI IRIX 4.0.5 H
- SGI IRIX 4.0.5 (IOP)
- SGI IRIX 4.0.5 IPR
- SGI IRIX 5.0.0
- SGI IRIX 5.0.1
- SGI IRIX 5.1.0
- SGI IRIX 5.1.1
- SGI IRIX 5.2.0
- SGI IRIX 5.3.0
- SGI IRIX 5.3.0 XFS
- SGI IRIX 6.0.0
- SGI IRIX 6.0.1
- SGI IRIX 6.0.1 XFS
- SGI IRIX 6.1.0
- SGI IRIX 6.2.0
- SGI IRIX 6.3.0
- Sun Solaris 2.3
- Sun Solaris 2.4
- Sun Solaris 2.5
- Sun Solaris 2.5.1
- Sun Solaris 2.5.1_ppc
- Sun Solaris 2.5.1_x86
- Sun Solaris 2.5_x86
- Sun Solaris 2.6
- Sun Solaris 2.6_x86
References