Potential vulnerability in DNS name resolution (PINE Internet Security Advisory PINE-CERT-20020601)

Article ID: JSA10290 SECURITY_ADVISORIES Last Updated: 09 May 2013 Version: 2.0
Legacy Advisory Id:
FA-SW-0206-001
Product Affected:
All releases of JUNOS software prior to June 27, 2002
Problem:
Because of an error in the DNS name-resolution code, improperly formatted DNS messages might cause a buffer overrun in the message parsing routines. This error could enable a remote attacker to execute arbitrary code with the privileges of the program performing the DNS resolution.

This problem is described in more detail in PR/25929 and in the original advisory located at http://www.pine.nl/advisories/pine-cert-20020601.html
Solution:
The DNS name-resolution code has been corrected to properly parse all DNS messages, including any padding required. The buffer overflow can no longer be triggered by malformed messages.
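The advisory does not publish the affected routine. As an added illustration (not JUNOS code and not taken from the advisory), the C sketch below shows the kind of length checking the Solution describes: every length field in the message is validated before use, and padding is counted against the destination buffer. It assumes "padding" means alignment padding inserted when record data is copied into a fixed-size buffer; `skip_name`, `copy_rdata` and `SAMPLE` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ALIGN4(n) (((n) + 3u) & ~(size_t)3u)
/* Constructed sample: record section only (no 12-byte header), TXT "hi" then A 192.0.2.1. */
static const uint8_t SAMPLE[32] = {
    0x01, 'a', 0x00,  0x00, 0x10,  0x00, 0x01,  0, 0, 0, 0,  0x00, 0x03,  0x02, 'h', 'i',
    0xC0, 0x0C,       0x00, 0x01,  0x00, 0x01,  0, 0, 0, 0,  0x00, 0x04,  0xC0, 0x00, 0x02, 0x01
};

/* Return the offset just past the encoded name at off, or 0 if it is malformed. */
static size_t skip_name(const uint8_t *msg, size_t len, size_t off)
{
    while (off < len) {
        uint8_t l = msg[off];
        if (l == 0) return off + 1;                /* root label ends the name */
        if ((l & 0xC0) == 0xC0)                    /* compression pointer, 2 bytes */
            return (len - off >= 2) ? off + 2 : 0;
        if (l & 0xC0) return 0;                    /* reserved label type */
        off += 1u + l;                             /* length byte plus label */
    }
    return 0;                                      /* name runs past the message */
}

/* Copy the RDATA of `count` records into out, each at a 4-byte-aligned offset.
 * Returns bytes used in out, or -1 if the message is malformed or out is too small. */
long copy_rdata(const uint8_t *msg, size_t len, size_t off, unsigned count,
                uint8_t *out, size_t outlen)
{
    size_t used = 0;
    for (unsigned i = 0; i < count; i++) {
        off = skip_name(msg, len, off);
        if (off == 0 || len - off < 10) return -1; /* TYPE, CLASS, TTL, RDLENGTH */
        size_t rdlen = ((size_t)msg[off + 8] << 8) | msg[off + 9];
        off += 10;
        if (rdlen > len - off) return -1;          /* RDLENGTH exceeds the message */
        size_t start = ALIGN4(used);               /* padding is charged to outlen */
        if (start > outlen || rdlen > outlen - start) return -1;
        memset(out + used, 0, start - used);
        memcpy(out + start, msg + off, rdlen);
        used = start + rdlen;
        off += rdlen;
    }
    return (long)used;
}

int main(void)
{
    uint8_t out[8];
    return copy_rdata(SAMPLE, sizeof SAMPLE, 0, 2, out, sizeof out) == 8 ? 0 : 1;
}
```

The two sample records carry 3 + 4 = 7 bytes of data, but a 7-byte destination is rejected because the aligned layout needs 8; a sizing calculation that ignores the padding byte is the kind of mismatch that leads to an overrun.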
Implementation:
All JUNOS software released on or after June 27, 2002 contains the correction for this vulnerability. Juniper Networks strongly recommends that customers update the software on their routers. The fix is included in JUNOS Release 5.1R5 or later, Release 5.2R4 or later, Release 5.3R3 or later, and all releases of JUNOS Release 5.4.

For customers who are unable to upgrade their software, we recommend disabling DNS name resolution. Contact JTAC for instructions.
Severity Level:
Medium
Severity Assessment:
No exploit of this vulnerability is known to exist. However, because the DNS name-resolution code is used in numerous utilities throughout the JUNOS software, many opportunities exist for an attacker to exploit this vulnerability.