[Japanese]

JVNDB-2015-000045

Android OS may behave as an open resolver

Overview

A device that runs as a DNS cache server, which responds to any recursive DNS queries that are received is referred to as an open resolver.
Android OS contains an issue where it may behave as an open resolver when the tethering function is enabled.

Yasuhiro Orange Morishita of Japan Registry Services Co., Ltd. (JPRS) reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 2.6 (Low) [IPA Score]
  • Access Vector: Network
  • Access Complexity: High
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Partial
Affected Products


Google
  • Android OS versions prior to 4.3

Impact

The Android device may be used in a DNS amplification attack and unknowingly become a part of a DDoS attack.

A device is not affected by this issue depending on the network it is connected to. For details, refer to the information provided under "Vendor Status".
Solution

[Apply an Update]
Apply the update according to the information provided by the provider or developer.

[Apply a Workaround]
The following workaround may mitigate the affects of this vulnerability.

* Do not connect to an untrusted network or Wi-Fi access point with the tethering function on
Vendor Information

Google KDDI SoftBank Disney Mobile on SoftBank Ymobile Corporation NTT DOCOMO, INC.
CWE (What is CWE?)

  1. Permissions(CWE-264) [IPA Evaluation]
CVE (What is CVE?)

References

  1. JVN : JVN#81094176
Revision History

  • [2015/03/27]
      Web page was published

Date Public2015/03/27
Date First Published2015/03/27
Date Last Updated2015/03/27