Signature Detail
Short Name |
SCAN:MISC:CAT-ETC-PASSWD-UDP |
|---|---|
Severity |
Info |
Recommended |
No |
Category |
SCAN |
Keywords |
bind |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
DNS: Cat-etc-passwd Buffer Overflow (UDP)
This signature detects attempts to obtain the password file by overflowing the buffer on a nameserver running BIND. Attackers can cause a target nameserver to query UDP/53 on an attacker-controlled nameserver, where a malicious "cookie" is listening. The cookie executes on the target nameserver and the password file is retrieved.
Extended Description
None