Signature Detail
Short Name |
DNS:REQUEST:SUN-JRE-DOS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
DNS |
Keywords |
Sun Java JRE DNS Denial Of Service |
Release Date |
2013/07/09 |
Update Number |
2280 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DNS: Sun Java JRE DNS Denial Of Service
This signature detects attempts to exploit a known vulnerability against Sun Java JRE DNS. A successful attack can result in a denial-of-service condition.
Extended Description
A remote denial of service vulnerability reportedly affects the Sun Java Runtime Environment. This issue is due to a design error that fails to keep track of DNS requests. An attacker may leverage this issue to cause an application running on the affected software to fail to make DNS requests, causing a denial of service condition on network-based Java applications. Reports from Harry Johnston indicate the OraClient 10g component of Oracle Database Server 10g incorporates a vulnerable version of the Java Runtime Environment and is therefore vulnerable to this issue.
Affected Products
- Sun JRE (Linux Production Release) 1.4.2
- Sun JRE (Linux Production Release) 1.4.2 03
- Sun JRE (Linux Production Release) 1.5.0
- Sun JRE (Solaris Production Release) 1.4.2
- Sun JRE (Solaris Production Release) 1.5.0
- Sun JRE (Windows Production Release) 1.4.2
- Sun JRE (Windows Production Release) 1.5.0
References
- BugTraq: 11619
- CVE: CVE-2004-1503