DNS: SPARC Buffer Overflow (TCP)
This signature detects attempts to exploit a known vulnerability against Sparc systems. Attackers can send maliciously crafted packets to TCP/53, to overflow the buffer and gain root access.
Extended Description
The libc library includes functions which perform DNS lookups. A buffer overflow vulnerability has been reported in versions of libc used by some operating systems. In particular, FreeBSD, NetBSD, OpenBSD and GNU glibc have been reported to suffer from this issue. The vulnerable code is related to DNS queries. It may be possible for a malicious DNS server to provide a response which will exploit this vulnerability, resulting in the execution of arbitrary code as the vulnerable process. The consequences of exploitation will be highly dependant on the details of individual applications using libc.
Affected Products
Hp colour_laserjet_4550,Gnu glibc
References
BugTraq: 5100
CVE: CVE-2002-0651
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2002-0651 http://www.kb.cert.org/vuls/id/803539
Short Name
DNS:OVERFLOW:SPARC-TCP
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
DNS
Keywords
(TCP) Buffer CA-2002-19 CVE-2002-0651 Overflow SPARC bid:5100
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Sco
Openbsd
Freebsd
Gnu
Sun
Hp
Cray
Astaro
Isc
Netbsd
Ibm
CVSS Score
7.5