GEN:SID 1:260
Message DNS EXPLOIT named overflow ADMROCKS
Summary This event is generated by an attempted buffer overflow associated with improperly formatted DNS inverse queries.
Impact Severe. The DNS server can be compromised allowing the attacker access at the privilege level at which BIND runs.  
Detailed Information Certain versions of BIND do no perform correct bounds checking when responding to an inverse query. A maliciously formatted inverse query can cause the DNS server to crash and allow remote access with the privileges of the user running BIND.  Inverse queries are disabled by default; this attack can affect DNS servers that have been configured to enable them.
Affected Systems BIND 4.9 releases prior to 4.9.7 and BIND 8 releases prior to 8.1.2.
Attack Scenarios An attacker can launch this exploit to gain remote access to the DNS server.
Ease of Attack Simple.  Code exists to exploit the buffer overflow.
Corrective Action Upgrade to a version of BIND that is not vulnerable to this attack.
Additional References CERT:
http://www.cert.org/advisories/CA-1998-05.html

Rule References bugtraq: 788
cve: 1999-0833
url: www.cert.org/advisories/CA-1999-14.html