N/A

Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.

N/A

N/A

多个供应商DNS响应泛滥拒绝服务漏洞

DNS协议的多种实现方式存在漏洞，包括：(1)如Posadis所使用的Poslib 1.0.2-1及其以前的版本，(2) 固件3.13以前版本中的AxisNetwork产品，和(3)Men & Mice Suite 2.2.3以前的2.2x版本和3.5.2以前的3.5.x版本，远程攻击者借助(a)具有本地主机的DNS查询包作为一个欺骗性的源地址或者(b)触发一个响应包的应答包，从而触发一个通讯环导致服务拒绝（CPU和网络带宽消耗）。

N/A

N/A