Potential DNS Vulnerabilities

Impact

There are numerous vulnerabilities in Domain Name Servers (DNS) that are documented in the CERT Advisories. The two principal areas are:

Problems

An attacker who is able to send malicious DNS responses could remotely exploit this vulnerability to execute arbitrary code or cause a denial of service on vulnerable systems. Any code executed by the attacker would run with the privileges of the process that calls the vulnerable resolver function.

Resolutions

Note that DNS resolver libraries can be used by multiple applications on most systems. It may be necessary to upgrade or apply multiple patches and then recompile statically linked applications.

Applications that are statically linked must be recompiled using patched resolver libraries. Applications that are dynamically linked do not need to be recompiled; however, running services need to be restarted in order to use the patched resolver libraries.
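One way to find running services that still need a restart after the resolver library has been patched, given as an added example that is not part of the advisory or this page. It assumes a Linux host, where a library replaced on disk appears as "(deleted)" in /proc/<pid>/maps. The library name pattern, function names and sample data are assumptions, and statically linked binaries are not detected by this check.

```shell
#!/bin/sh
# Resolver-carrying library basenames (assumption: glibc-style naming).
RESOLVER_RE='/(libresolv|libnss_dns|libc)[-.][^/]*$'

# stale_resolver_maps FILE: print each resolver library in a maps-format
# file whose backing file was unlinked (replaced on disk) after mapping.
stale_resolver_maps() {
    awk -v pat="$RESOLVER_RE" '
        $NF == "(deleted)" {
            path = $6
            for (i = 7; i < NF; i++) path = path " " $i
            if (path ~ pat && !seen[path]++) print path
        }' "$1"
}

# scan_procs [PROC_ROOT]: print "pid name library" for every process that
# still maps a replaced resolver library. Those processes need a restart.
scan_procs() {
    root=${1:-/proc}
    for dir in "$root"/[0-9]*; do
        [ -r "$dir/maps" ] || continue
        name=$(cat "$dir/comm" 2>/dev/null || echo '?')
        stale_resolver_maps "$dir/maps" 2>/dev/null |
        while IFS= read -r lib; do
            printf '%s %s %s\n' "${dir##*/}" "$name" "$lib"
        done
    done
}

# make_sample_proc DIR: write a constructed /proc-like tree (not real data).
make_sample_proc() {
    mkdir -p "$1/101" "$1/202"
    echo named > "$1/101/comm"; echo sshd > "$1/202/comm"
    cat > "$1/101/maps" <<'EOF'
55d0c0000000-55d0c0001000 r-xp 00000000 08:01 1001 /usr/sbin/named
7f1c2a400000-7f1c2a413000 r-xp 00000000 08:01 2002 /lib/libresolv-2.2.5.so (deleted)
7f1c2a413000-7f1c2a414000 rw-p 00013000 08:01 2002 /lib/libresolv-2.2.5.so (deleted)
7f1c2a600000-7f1c2a700000 r-xp 00000000 08:01 2003 /lib/libcrypto.so.1 (deleted)
EOF
    cat > "$1/202/maps" <<'EOF'
7f1c2a400000-7f1c2a413000 r-xp 00000000 08:01 3002 /lib/libresolv.so.2
EOF
}

# Demo on the constructed tree; on a live host run as root: scan_procs /proc
demo=$(mktemp -d) && make_sample_proc "$demo" && scan_procs "$demo"; rm -rf "$demo"
```

In the constructed tree only process 101 is reported: it still maps the replaced libresolv, while process 202 maps the current file and the deleted libcrypto entry is not a resolver library.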

System administrators should consider the following process when addressing this issue:

Reference

http://www.cert.org/advisories/CA-2002-19.html