DNS: BIND iquery Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Internet Software Consortium (ISC) BIND, a nameserver daemon. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
A buffer overflow exists in certain versions of BIND, the nameserver daemon currently maintained by the Internet Software Consortium (ISC). BIND fails to properly bound the data recieved when processing an inverse query. Upon a memory copy, portions of the program can be overwritten, and arbitrary commands run on the affected host. Exploits for this vulnerability are very widespread, and were posted to the Bugtraq mailing list.
Affected Products
Netbsd netbsd
References
BugTraq: 134
CVE: CVE-1999-0009
URL: http://www.securityfocus.com/advisories/252 http://www.cert.org/advisories/CA-98.05.bind_problems.html#TOPIC1
Short Name
DNS:QUERY:BIND-IQUERY-BO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DNS
Keywords
BIND Buffer CVE-1999-0009 Overflow bid:134 iquery
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Sco
Ibm
Sun
Nec
Sgi
Isc
Data_general
Bsd
Caldera
Netbsd
CVSS Score
10.0