Multiple Vendor Crafted Compressed DNS Packet DoS

2005-05-24T02:36:15
ID OSVDB:25291
Type osvdb
Reporter Dr. Steve Beaty(beatys@mscd.edu)
Modified 2005-05-24T02:36:15

Description

Vulnerability Description

Multiple vendor DNS servers contains a flaw that may allow a remote denial of service. The issue is triggered when the server receives a compressed DNS packet with a label length byte with an incorrect offset, and will result in loss of availability for the service.

Solution Description

Upgrade to DeleGate 8.10.3 or higher, dnrd 2.18 or higher, or PowerDNS 2.9.17 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Multiple vendor DNS servers contains a flaw that may allow a remote denial of service. The issue is triggered when the server receives a compressed DNS packet with a label length byte with an incorrect offset, and will result in loss of availability for the service.

References:

Other Advisory URL: http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en Other Advisory URL: http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html Mail List Post: http://attrition.org/pipermail/vim/2006-April/000735.html ISS X-Force ID: 20712 CVE-2005-0037 CVE-2005-0036 CVE-2005-0038 Bugtraq ID: 13729