Knowledge Search


Potential security vulnerability in DNS name resolution code (CERT Vulnerability Note #738331, PR/27529)

  [JSA10286] Show Article Properties

Legacy Advisory Id:
Product Affected:
JUNOS Internet software Releases 5.2R1.4, 5.2R2.3, 5.2R3.4, 5.2R4.4, 5.3R1.2, 5.3R2.4, 5.3R3.3, and 5.4R1.4
In the releases affected, the DNS name-resolution code might attempt to read beyond the end of the buffer. Various programs that include the name-resolution code can experience bus errors or segment violation faults.

This problem is described in more detail at and is documented as PR/27529.
The DNS name resolution code has been updated to properly check the returned length of its buffer.
Customers should install an updated release of JUNOS software. All releases of JUNOS software built on or after August 22, 2002, contain the fix.
Related Links:
Risk Level:
Risk Assessment:
Excessively long fully qualified host names can be provided by any name server. No direct access to or privileges on the router are required to launch this denial-of-service (DoS) attack.