• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Multiple Vendor DNS Message Decompression Remote Denial of Service Vulnerability

Severity: HIGH

Description:

Multiple DNS vendors are susceptible to a remote denial-of-service vulnerability. This issue affects both DNS servers and clients.

DNS messages include 16-bit text portions that contain domain names in the following format:

0x04test0x04test0x03com0x00

where the above message represents 'test.test.com'. The character count is prefixed to the characters in the domain.

The DNS (Domain Name System) specification RFC1035 section 4.1.4 describes a way to create smaller messages that can fit into a DNS UDP packet. This can be accomplished by specifying the first two bits of a label length byte to 1 and the remaining 14 bits to point to an offset at the beginning of the text string.

These smaller messages are decoded using recursive routines. An attacker can trigger the denial-of-service condition by specifying an illegal address once the end of the string is reached by the recursive routines. This can lead to an infinite loop and eventually exhaust memory resources.

A successful attack would crash the affected client or server.

This BID will be updated when more information becomes available.

Affected Products:

• Cisco ATA-186
• Cisco ATA-188
• Cisco Application & Content Networking Software
• Cisco Application & Content Networking Software (ACNS)
• Cisco Application & Content Networking Software 4.0.3
• Cisco Application & Content Networking Software 4.1.1
• Cisco Application & Content Networking Software 4.1.3
• Cisco Application & Content Networking Software 4.2.0
• Cisco Application & Content Networking Software 4.2.11
• Cisco Application & Content Networking Software 4.2.7
• Cisco Application & Content Networking Software 4.2.9
• Cisco Application & Content Networking Software 5.0.0
• Cisco Application & Content Networking Software 5.0.1
• Cisco Application & Content Networking Software 5.0.17 .6
• Cisco Application & Content Networking Software 5.0.3
• Cisco Application & Content Networking Software 5.0.5
• Cisco Application & Content Networking Software 5.1.0
• Cisco Application & Content Networking Software 5.1.11 .6
• Cisco Application & Content Networking Software 5.1.13 .7
• Cisco Application & Content Networking Software 5.2.0
• Cisco Application & Content Networking Software 5.2.1 .7
• Cisco Application & Content Networking Software 5.2.3 .9
• Cisco Content Distribution Manager 4630
• Cisco Content Distribution Manager 4630 4.0.0
• Cisco Content Distribution Manager 4630 4.1.0
• Cisco Content Distribution Manager 4650
• Cisco Content Distribution Manager 4650 4.0.0
• Cisco Content Distribution Manager 4650 4.1.0
• Cisco Content Distribution Manager 4670
• Cisco Content Engine 507
• Cisco Content Engine 507 2.2.0 .0
• Cisco Content Engine 507 3.1.0
• Cisco Content Engine 507 4.0.0
• Cisco Content Engine 507 4.1.0
• Cisco Content Engine 510
• Cisco Content Engine 560
• Cisco Content Engine 560 2.2.0 .0
• Cisco Content Engine 560 3.1.0
• Cisco Content Engine 560 4.0.0
• Cisco Content Engine 560 4.1.0
• Cisco Content Engine 565
• Cisco Content Engine 590
• Cisco Content Engine 590 2.2.0 .0
• Cisco Content Engine 590 3.1.0
• Cisco Content Engine 590 4.0.0
• Cisco Content Engine 590 4.1.0
• Cisco Content Engine 7320
• Cisco Content Engine 7320 2.2.0 .0
• Cisco Content Engine 7320 3.1.0
• Cisco Content Engine 7320 4.0.0
• Cisco Content Engine 7320 4.1.0
• Cisco Content Engine 7325
• Cisco Content Engine Module for Cisco Router 2600 Series
• Cisco Content Engine Module for Cisco Router 2800 Series
• Cisco Content Engine Module for Cisco Router 3600 Series
• Cisco Content Engine Module for Cisco Router 3700 Series
• Cisco Content Engine Module for Cisco Router 3800 Series
• Cisco Content Router 4430
• Cisco Content Router 4430 4.0.0
• Cisco Content Router 4430 4.1.0
• Cisco Content Router 4450
• Cisco IP Phone 7902
• Cisco IP Phone 7905
• Cisco IP Phone 7912
• Cisco SESM 3.2(1)
• Cisco SESM 3.2(1)
• Cisco SESM 3.2(2)
• Cisco Unity Express
• DeleGate DeleGate 7.7.0 .0
• DeleGate DeleGate 7.7.1
• DeleGate DeleGate 7.8.0 .0
• DeleGate DeleGate 7.8.1
• DeleGate DeleGate 7.8.2
• DeleGate DeleGate 7.9.11
• DeleGate DeleGate 8.10.0
• DeleGate DeleGate 8.10.1
• DeleGate DeleGate 8.10.2
• DeleGate DeleGate 8.3.3
• DeleGate DeleGate 8.3.4
• DeleGate DeleGate 8.4.0 .0
• DeleGate DeleGate 8.5.0 .0
• DeleGate DeleGate 8.9.0
• DeleGate DeleGate 8.9.1
• DeleGate DeleGate 8.9.2
• DeleGate DeleGate 8.9.3
• DeleGate DeleGate 8.9.4
• DeleGate DeleGate 8.9.5
• DeleGate DeleGate 8.9.6
• Gentoo Linux
• PowerDNS PowerDNS 2.0.0 rc1
• PowerDNS PowerDNS 2.8.0
• PowerDNS PowerDNS 2.9.15
• PowerDNS PowerDNS 2.9.16
• SmoothWall SmoothWall 0.9.9
• SmoothWall SmoothWall 0.9.9 SE
• dnrd dnrd 1.0.0
• dnrd dnrd 1.1.0
• dnrd dnrd 1.2.0
• dnrd dnrd 1.3.0
• dnrd dnrd 1.4.0
• dnrd dnrd 2.0.0
• dnrd dnrd 2.1.0
• dnrd dnrd 2.10.0
• dnrd dnrd 2.2.0
• dnrd dnrd 2.3.0
• dnrd dnrd 2.4.0
• dnrd dnrd 2.5.0
• dnrd dnrd 2.6.0
• dnrd dnrd 2.7.0
• dnrd dnrd 2.8.0
• dnrd dnrd 2.9.0

References:

• Cisco: Cisco Security Notice: Crafted DNS Packet Can Cause Denial Of Service
• NISCC: NISCC Vulnerability Advisory DNS - 589088

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.