DNS: ISC BIND RRSIG RRsets Denial of Service

This signature detects attempts to exploit a known vulnerability in ISC BIND. The vulnerability is caused by an off-by-one error that leads to an assertion failure when processing very large RRSIG RRsets in a negative response. A remote attacker may exploit this vulnerability by querying a targeted caching resolver for non-existent names in a domain served by an attacker-controlled server. Successful exploitation triggers an assertion failure that crashes the server, resulting in a denial-of-service condition.

Extended Description

ISC BIND is prone to a remote denial-of-service vulnerability because the software fails to properly handle certain resource record sets (RRsets). An attacker can exploit this issue to cause the application process to crash, denying service to legitimate users.

Affected Products

Xerox freeflow_print_server_(ffps), Freebsd freebsd

References

BugTraq: 48007

CVE: CVE-2011-1910

Short Name
DNS:BIND-RRSIG-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DNS
Keywords
BIND CVE-2011-1910 Denial ISC RRSIG RRsets Service bid:48007 of
Release Date
08/02/2011
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3605
False Positive
Unknown
Vendors

Red_hat

Suse

Slackware

F5

Sun

Xerox

Mandriva

Freebsd

Ubuntu

Isc

Debian

Apple

CVSS Score

5.0
