Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Potential security vulnerability in DNS name resolution code (CERT Vulnerability Note #738331, PR/27529)



Article ID: JSA10286 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 2.0
Legacy Advisory Id:
Product Affected:
JUNOS Internet software Releases 5.2R1.4, 5.2R2.3, 5.2R3.4, 5.2R4.4, 5.3R1.2, 5.3R2.4, 5.3R3.3, and 5.4R1.4
In the releases affected, the DNS name-resolution code might attempt to read beyond the end of the buffer. Various programs that include the name-resolution code can experience bus errors or segment violation faults.

This problem is described in more detail at and is documented as PR/27529.
The DNS name resolution code has been updated to properly check the returned length of its buffer.
Customers should install an updated release of JUNOS software. All releases of JUNOS software built on or after August 22, 2002, contain the fix.
Severity Level:
Severity Assessment:
Excessively long fully qualified host names can be provided by any name server. No direct access to or privileges on the router are required to launch this denial-of-service (DoS) attack.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search