Juniper JUNOSe DNS Client Denial Of Service Vulnerability
BID:17693
Info
Juniper JUNOSe DNS Client Denial Of Service Vulnerability
| Bugtraq ID: | 17693 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 25 2006 12:00AM |
| Updated: | Apr 26 2006 07:31PM |
| Credit: | This issue was discovered by the PROTOS DNS Test Suite, which was developed by the Oulu University Secure Programming Group (OUSPG). |
| Vulnerable: |
Juniper junose 0 |
| Not Vulnerable: |
Juniper junose 7.1.1 Juniper junose 7.1 p0-1 Juniper junose 7.0.2 Juniper junose 7.0.1 p0-7 Juniper junose 6.1.3 p0-1 Juniper junose 6.0.4 Juniper junose 6.0.3 p0-6 Juniper junose 5.3.5 p0-2 |
Discussion
Juniper JUNOSe DNS Client Denial Of Service Vulnerability
Juniper JUNOSe is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the application to properly handle DNS datagrams.
An attacker can exploit this issue to crash the affected DNS client service, effectively denying service to legitimate users.
Juniper JUNOSe is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the application to properly handle DNS datagrams.
An attacker can exploit this issue to crash the affected DNS client service, effectively denying service to legitimate users.
Exploit / POC
Juniper JUNOSe DNS Client Denial Of Service Vulnerability
The PROTOS DNS Test Suite, which was developed by the Oulu University Secure Programming Group (OUSPG), may be used to trigger this issue.
The PROTOS DNS Test Suite, which was developed by the Oulu University Secure Programming Group (OUSPG), may be used to trigger this issue.
Solution / Fix
Juniper JUNOSe DNS Client Denial Of Service Vulnerability
Solution:
The vendor has released updated versions of the affected software to address this issue. Users of affected packages should contact the vendor for further information on obtaining and installing fixed versions of JUNOSe.
Solution:
The vendor has released updated versions of the affected software to address this issue. Users of affected packages should contact the vendor for further information on obtaining and installing fixed versions of JUNOSe.
References
Juniper JUNOSe DNS Client Denial Of Service Vulnerability
References:
References:
- Customer Support (Juniper Networks)
- Juniper Networks Homepage (Juniper Networks)
- NISCC Vulnerability Advisory 144154/NISCC/DNS (NISCC)
- NISCC Vulnerability Advisory 144154/NISCC/DNS - Vulnerability Issues in Implemen (NISCC)