OSVDB ID: 11575

Title: Multiple Vendor Spoofed DNS DoS

Info

Disclosure
Nov 09, 2004

Discovery
Unknown

Dates

Exploit
Nov 09, 2004

Solution
Unknown

Description

 Multiple products with DNS implementation contains a flaw that may allow a remote denial of service. By sending a DNS query that appears to originate from the localhost on port 53/udp, the system will respond to itself, hence entering an infinite loop which causes the system to consume all available CPU resources, resulting in a loss of availability.

Classification

 Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

 Contact your vendor for an appropriate upgrade. An upgrade is required as there are no known workarounds.

Products

Sam Trenholme

MaraDNS

 0.8.05

Don Moore

MyDNS

 0.10.0

Olaf Kolkman

Net::DNS

 0.44

Hubert Tonneau

Pliant DNS

 Unknown or Unspecified

Men&Mice

QuickDNS

 3.5.1

Meilof Veeningen

Posadis DNS Server

 0.60.2

Yutaka Sato

Delegate

 8.9.5

Brad Garcia

DNRD

 2.10

DrB80

JDNSS

 0.1

Max Feoktistov

Small HTTP Server

 Unknown or Unspecified

RaidenDNSD Team

RaidenDNSD

 Unknown or Unspecified

SIA Mikrotikls

All Products

 Unknown or Unspecified

Axis Communications

Axis Network Video Products

 Unknown or Unspecified

Qbik New Zealand Limited

WinGate

 6.0.1

AscenVision Technology Inc.

SwiftDNS

 Unknown or Unspecified

Aethra, Inc.

ATOS Stargate ADSL

 Unknown or Unspecified

Nortel Networks Limited

Baystack Instant Internet Series

 Unknown or Unspecified

Alteon ACEswitch

 Unknown or Unspecified

References

Credit
  • Roy Arends - royBrand New Doo Doodnss.ec -
  • Jakob Schlyter - jakobBrand New Doo Doorfc.se -


Direct URL: http://osvdb.org/36218