Knowledge Search


×
 

Potential security vulnerability in DNS name resolution code (CERT Vulnerability Note #738331, PR/27529)

  [JSA10286] Show Article Properties


Legacy Advisory Id:
FA-SW-0209-001
Product Affected:
JUNOS Internet software Releases 5.2R1.4, 5.2R2.3, 5.2R3.4, 5.2R4.4, 5.3R1.2, 5.3R2.4, 5.3R3.3, and 5.4R1.4
Problem:
In the releases affected, the DNS name-resolution code might attempt to read beyond the end of the buffer. Various programs that include the name-resolution code can experience bus errors or segment violation faults.

This problem is described in more detail at http://www.kb.cert.org/vuls/id/738331 and is documented as PR/27529.
Solution:
The DNS name resolution code has been updated to properly check the returned length of its buffer.
Implementation:
Customers should install an updated release of JUNOS software. All releases of JUNOS software built on or after August 22, 2002, contain the fix.
Related Links:
Risk Level:
Medium
Risk Assessment:
Excessively long fully qualified host names can be provided by any name server. No direct access to or privileges on the router are required to launch this denial-of-service (DoS) attack.