File: 2922.txt

package info (click to toggle)
snort 2.3.3-11
  • links: PTS
  • area: main
  • in suites: etch, etch-m68k
  • size: 22,512 kB
  • ctags: 11,344
  • sloc: ansic: 70,967; sh: 4,848; makefile: 748; perl: 478; sql: 212
file content (62 lines) | stat: -rw-r--r-- 1,014 bytes parent folder | download | duplicates (8)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
Rule: 

--
Sid: 
2922

-- 
Summary: 
This event is generated when an inverse query attempt is made using TCP.

-- 

Impact: 
Possible execution of arbitrary code.

--
Detailed Information:
Bind 8 contains a programming error that may present an attacker with
the opportunity to execute code of their choosing on an affected server.

The error occurs in the handling of malformed transactions. When using
TCP this can result in the attacker causing a heap overflow.

--
Affected Systems:
	Bind 8.

--
Attack Scenarios: 
An attacker needs to send a specially crafted and malformed query to an
affected server.

-- 
Ease of Attack: 
Moderate.

-- 
False Positives:
None known.

--
False Negatives:
None known.

-- 
Corrective Action: 
Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

--
Contributors: 
Sourcefire Vulnerability Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>


-- 
Additional References:


--