24971 : Multiple Vendor DNS Unspecified Remote DoS (PROTOS)
Printer | http://osvdb.org/24971 | Email This | Edit Vulnerability

Views This Week

Views All Time

Info

Last Modified

4 months ago

Percent Complete

100%

Disclosure

Apr 25, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Multiple products contains a flaw that may allow a remote denial of service. The issue is due to unspecified errors within the handling of DNS responses, and will result in loss of availability for the service.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Availability
Exploit: Exploit Rumored / Private
Disclosure: OSVDB Verified

Solution

Consult your vendor for the appropriate upgrade or workaround (if available).

Products

DeleGate	Delegate	8.11.5
		9.0.5

PowerDns

3.0.0

Paul Rombouts

pdnsd

1.2.3

Hitachi, Ltd.	JP1/PFM/SNMP System Observer	Unknown or Unspecified
	JP1/Server System Observer	Unknown or Unspecified
	JP1/Automatic Job Management System 2	Unknown or Unspecified
	JP1/Performance Management	Unknown or Unspecified
	Cm2/Network Node Manager Enterprise/Unlimited/250	Unknown or Unspecified
	JP1/Cm2/Network Node Manager Enterprise/250	Unknown or Unspecified
	JP1/Server Conductor/Blade Server Manager	Unknown or Unspecified
	JP1/Server Conductor/Server Manager	Unknown or Unspecified
	Server Conductor/Blade Server Manager	Unknown or Unspecified
	Server Conductor/Server Manager	Unknown or Unspecified
	System Manager - Management Console	Unknown or Unspecified
	JP1/File Access Control	Unknown or Unspecified
	JP1/Security Integrated Manager	Unknown or Unspecified

Juniper Networks, Inc.	JUNOSe DNS	5-3-5p0-2
		6-0-3p0-6
		6-0-4
		6-1-3p0-1
		7-0-1p0-7
		7-0-2
		7-1-0p0-1
		7-1-1

ISC

BIND

Unknown or Unspecified

MyDNS

1.1.0

Fujitsu	NetShelter/FW	E11Lxx
	NetShelter/FW	E12Lxx
	NetShelter/FW-P	Unknown or Unspecified
	NetShelter/FW-L	Unknown or Unspecified
	NetShelter/FW-M	Unknown or Unspecified

References

Security Tracker: 1015989 1015990 1015991 1015992 1015993
Bugtraq ID: 17691 17692 17693 17710 17791
Secunia Advisory ID: 19750 19808 19820 19822 19831 19835 19841 19894 20055
CVE ID: 2006-2068 (see also: NVD) 2006-2072 (see also: NVD) 2006-2073 (see also: NVD) 2006-2074 (see also: NVD) 2006-2075 (see also: NVD) 2006-2076 (see also: NVD) 2006-2078 (see also: NVD) 2006-2240 (see also: NVD)
FrSIRT Advisory: ADV-2006-1505 ADV-2006-1506 ADV-2006-1526 ADV-2006-1536 ADV-2006-1537
Keyword: HS06-007-01,HS06-007-02,HS06-007-03,HS06-007-04,HS06-007-05,HS06-007-06,HS06-007-07,20060425-00311,NISCC Vulnerability Advisory 144154/NISCC/DNS
Mail List Post: http://attrition.org/pipermail/vim/2006-April/000720.html
http://attrition.org/pipermail/vim/2006-April/000727.html
Vendor Specific News/Changelog Entry: http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-0-1
http://wiki.powerdns.com/projects/trac/changeset/760
http://wiki.powerdns.com/projects/trac/changeset/761
Vendor Specific Advisory URL: http://software.fujitsu.com/jp/security/vulnerabilities/niscc144154.html
http://www.furukawa.co.jp/fitelnet/topic/dns2_attacks.html
http://www.gentoo.org/security/en/glsa/glsa-200605-10.xml
http://www.hitachi-support.com/security_e/vuls_e/HS06-007_e/index-e.html
News Article: http://www.computerworld.com/securitytopics/security/holes/story/0,10801,110897,0 ......
Other Advisory URL: http://www.niscc.gov.uk/niscc/docs/br-20060425-00311.html?lang=en
http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en

Tools & Filters

Nessus	21293 21352

Credit

PROTOS - protosee.oulu.fi - Oulu University Secure Programming Group

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches

Views This Week

Views All Time

Info

Last Modified

Percent Complete

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Delegate

PowerDns

pdnsd

JP1/PFM/SNMP System Observer

JP1/Server System Observer

JP1/Automatic Job Management System 2

JP1/Performance Management

Cm2/Network Node Manager Enterprise/Unlimited/250

JP1/Cm2/Network Node Manager Enterprise/250

JP1/Server Conductor/Blade Server Manager

JP1/Server Conductor/Server Manager

Server Conductor/Blade Server Manager

Server Conductor/Server Manager

System Manager - Management Console

JP1/File Access Control

JP1/Security Integrated Manager

JUNOSe DNS

BIND

MyDNS

NetShelter/FW

NetShelter/FW-P

NetShelter/FW-L

NetShelter/FW-M

References

Tools & Filters

Credit

Blogs

Comments