DeleGate DNS Response Message DoS

This script is Copyright (C) 2006-2011 Tenable Network Security, Inc.


Synopsis :

A rogue DNS server may crash the remote proxy.

Description :

The remote host is running Delegate, a multi-application proxy.

The remote version of this software is vulnerable to a denial of service
when processing invalid DNS responses. An attacker may exploit this flaw to
disable this service remotely.

To exploit this flaw, an attacker would need to be able to inject malformed
DNS responses to the queries sent by the remote application.

Solution :

Upgrade to DeleGate 8.11.6 or newer.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 21293 (delegate_dns.nasl)

Bugtraq ID: 17691

CVE ID: CVE-2006-2072