|Check Point Reference:||CPAI-2013-1670|
|Date Published:||17 Apr 2013|
|Last Updated:||14 Feb 2016|
|Protection Provided by:||
|Who is Vulnerable?|
|Vulnerability Description||A denial of service vulnerability exists in ISC BIND. A successful attack can lead to excessive memory consumption of the BIND process, eventually leading to a denial-of-service condition. The vulnerability occurs when the server processes a overly complicated rule. A remote attacker could attack the server by getting the rule loaded to the server using proper DNS protocol.|
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: DNS Enforcement Violation.
Attack Information: ISC BIND Regular Expression Handling Denial of Service