F5 3DNS UDP Source 53 Open Port Disclosure

2004-07-24T01:15:25
ID OSVDB:8366
Type osvdb
Reporter wnorth(wnorth@verizon.net)
Modified 2004-07-24T01:15:25

Description

Vulnerability Description

F5 3DNS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker initiates a scan of the 3DNS appliance with a UDP source port of 53, which will disclose UDP port and/or service status (open/closed) resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

F5 3DNS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker initiates a scan of the 3DNS appliance with a UDP source port of 53, which will disclose UDP port and/or service status (open/closed) resulting in a loss of confidentiality.

References:

Vendor URL: http://www.f5.com/f5products/3dns/ Mail List Post: http://archives.neohapsis.com/archives/sf/pentest/2004-07/0091.html