DNS DoS Flaw Isolated by UK Company
Moderate Risk Assigned
May. 25, 2005 08:00 PM
The UK-based National Infrastructure Security Co-ordination Centre has issued a public advisory about a DNS flaw that exists in the recursion process used by some DNS implementations to decompress compressed DNS messages, and which it has rated as carrying moderate risk.
The Centre said that the risk has been minimized because the Internet Systems Consortium's BIND is not vulnerable. Mike Poor, founder and senior security analyst at Intelguardians Network Intelligence LLC, reportedly downplayed the overall severity of the flaw but recommended patches for vulnerable DNS implementations.
According to the NISCC advisory, Microsoft Corp. provided the following response to the warning: "We have conducted an investigation of the issue you had reported. At this point, we have determined that the MS implementation of DNS is not affected."
Cisco Systems Inc., which could be potentially affected by this flaw, has already released patches that address it. Affected products include Cisco IP Phones 7902/7905/7912; Cisco ATA (Analog Telephone Adaptor) 186/188; and several Cisco Unity Express Cisco ACNS (Application and Content Networking System) devices.