DNS: Null RDATA Length
This signature detects DNS response packets with zero-length RDATA section. ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
Extended Description
ISC BIND is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the 'named' process to crash, denying service to legitimate users. This issue may also be exploited to disclose certain memory information to clients.
Affected Products
Avaya aura_messaging
Short Name
DNS:REPERR:NULL-RDATA-LEN
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DNS
Keywords
CVE-2012-1667 Length Null RDATA bid:53772
Release Date
06/12/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Slackware
Hp
Turbolinux
Avaya
Oracle
Mandriva
Freebsd
Ubuntu
Isc
F5_networks
Debian
CVSS Score
8.5