Android OS may behave as an open resolver


Android OS contains an issue where it may behave as an open resolver.

Products Affected

  • Android OS versions prior to 4.3


A device that runs as a DNS cache server, which responds to any recursive DNS queries that are received is referred to as an open resolver.
Android OS contains an issue where it may behave as an open resolver when the tethering function is enabled.


The Android device may be used in a DNS amplification attack and unknowingly become a part of a DDoS attack.

A device is not affected by this issue depending on the network it is connected to. For details, refer to the information provided under "Vendor Status".


Apply an Update
Apply the update according to the information provided by the provider or developer.

Apply a Workaround
The following workaround may mitigate the affects of this vulnerability.

  • Do not connect to an untrusted network or Wi-Fi access point with the tethering function on

Vendor Status

Vendor Status Last Update Vendor Notes
BUFFALO INC. Not Vulnerable 2015/03/27
Cybozu, Inc. Not Vulnerable 2015/03/27
Disney Mobile on SoftBank Vulnerable 2015/03/27
JT Engineering inc. Not Vulnerable 2015/03/27
KDDI CORPORATION Vulnerable 2015/03/27
NEC Corporation Not Vulnerable 2015/03/27
NTT DOCOMO, INC. Vulnerable 2015/06/25
RICOH COMPANY, LTD. Not Vulnerable 2015/03/27
SoftBank Vulnerable 2015/03/27
Y!mobile Vulnerable 2015/03/27


JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Analyzed on 2015.03.27 (CVSS Base Metrics)

Base Score:2.6


Yasuhiro Orange Morishita of Japan Registry Services Co., Ltd. (JPRS) reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JVN iPedia JVNDB-2015-000045

Update History

NTT DOCOMO, INC. update status
