DNS_EXPLOIT named tsig overflow attempt


Code: p423

Severity: Warning


Description: A specific inverse query has been performed against your DNS server as a precursor to a possible transaction signature (TSIG) buffer overflow attack.

Impact: attempt to gain access to information required for the TSIG exploit. A TSIG buffer overflow exploit attempt will usually follow if there is a response to the inverse query.

Corrective: Update to BIND versions greater than 8.2 to prevent the information leak.