Juniper Networks Information for VU#803539

Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflows



Vendor Statement

All versions of Juniper Networks JUNOS software released prior to June 27, 2002, are potentially vulnerable to this bug. This includes JUNOS versions 4.x, 5.0R1 through 5.0R4, 5.1R1 through 5.1R4, 5.2R1 through 5.2R3, and 5.3R1 through 5.3R2. (All releases of JUNOS software with version 5.4 or higher are NOT vulnerable.) The bug has been corrected as of June 27, 2002, and all future software releases will contain the correction. All Juniper Networks customers are encouraged to contact JTAC, the Juniper Networks Technical Assistance Center by telephone at 1-888-314-JTAC, or by E-mail at for details on the availability of corrected software.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.