Vulnerability

    MacDNS

Affected

    Mac

Description

    There  is  a  problem  about  MacDNS  crashing  on a 6100/66.  The
    problem  is  that  the  firewall  is  sending  DNS  requests  at a
    sufficiently high rate  to crash MacDNS.  Among other things,  the
    firewall  is  attempting  to  resolve  the  inverse domain name of
    every URL  requested by  users.   This could  amount to  bursts of
    several DNS requests per second over several seconds.

    This  may  have  possibly  resulted  in  some buffer in either the
    MacOS or MacDNS being overrun  (Warning: this might be used  for a
    D.O.S.  attack on sites using MacDNS) and a subsequent O/S  crash.
    This problem may or may not apply to other Mac based DNS products.
    Credit goes to Dan Brown.

Solution

    The solution  is to  reconfigure the  bastion host  to use its own
    name  resolver.   However,  this  may  expose  some  internal  DNS
    information  to  the  outside  world;   we  are  considering using
    packet filtering to address this problem.