Summary
Multiple DNS vendors are reported susceptible to a denial of service vulnerability (Axis Communication, dnrd, Don Moore, Posadis).
This vulnerability results in vulnerable DNS servers entering into an infinite query and response message loop, leading to the consumption of network and CPU resources, and denying DNS service to legitimate users.
An attacker may exploit this flaw by finding two vulnerable servers and set up a 'ping-pong' attack between the two hosts.
Solution
http://www.uniras.gov.uk/vuls/2004/758884/index.htm
Severity
Classification
-
CVE CVE-2004-0789 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities