GEN:SID | 1:259 |
Message | DNS EXPLOIT named overflow ADM |
Summary | This event is generated by an attempted buffer overflow associated with incorrect validation of DNS NXT records.
|
Impact | Severe. The DNS server can be compromised allowing the attacker to execute arbitrary commands with the privileges of the user running BIND.
|
Detailed Information | Improper validation of DNS NXT records may allow at attacker to perform a buffer overflow. This can allow the attacker to execute arbitrary code with the privileges of the user running BIND.
|
Affected Systems | BIND versions 8.2 up to, but not including, 8.2.2.
|
Attack Scenarios | An attacker can launch this exploit to gain remote access to the DNS server.
|
Ease of Attack | Simple. Code exists to exploit the buffer overflow.
|
Corrective Action | Upgrade to a version of BIND 8.2.2 or greater, or patch vulnerable versions of BIND.
|
Additional References | CERT: http://www.cert.org/advisories/CA-1999-14.html
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0833
Bugtraq: http://www.securityfocus.com/bid/788
|
Rule References | bugtraq: 788
cve: 1999-0833
|