DNS: Negative Response ANY Query
This signature detects negative responses for DNS type Any queries. A negative response for type Any could indicate a possible DNS poisoning attack resulting in unsuspected users being forced to view information that was unintended.
Extended Description
The Microsoft Windows DNS Server is prone to a DNS-spoofing vulnerability because the software fails to properly reuse cached responses. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks.
Affected Products
Avaya messaging_application_server,Microsoft windows_server_2003_standard_edition
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Microsoft
Avaya
5.8
6.4