Vulnerability Issue in Implementations of the DNS Protocol

• Previous message (by thread): New IANA IPv6 allocation for APNIC (2400::/19)
• Next message (by thread): Vulnerability Issue in Implementations of the DNS Protocol
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

UNIRAS (UK Gov CERT)/NISCC:
http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html

[snip]


Summary
- -------
A vulnerability affecting the Domain Name System (DNS)
protocol was identified by Dr. Steve Beaty from the
Department of Mathematical and Computer Science of
Metropolitan State College of Denver.

The Domain Name System (DNS) protocol is an Internet
service that translates domain names into Internet Protocol
(IP) addresses. Because domain names are alphabetic,
they're easier to remember, however the Internet is
really based on IP addresses; hence every time a domain
name is requested, a DNS service must translate the name
into the corresponding IP address.

The vulnerability concerns the recursion process used by
some DNS implementations to decompress compressed DNS
messages. Under certain circumstances, it is possible to
cause the DNS server to terminate abnormally.

All users of applications that support DNS are recommended
to take note of this advisory and carry out any remedial actions
suggested by their vendor(s).

[snip]

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg at netzero.net or fergdawg at sbcglobal.net
 ferg's tech blog: http://fergdawg.blogspot.com/

• Previous message (by thread): New IANA IPv6 allocation for APNIC (2400::/19)
• Next message (by thread): Vulnerability Issue in Implementations of the DNS Protocol
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]