CVE-2012-1033
Published: 8 February 2012
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
Notes
| Author | Note |
|---|---|
| mdeslaur | upstream advisory says they won't be releasing a fix for this dns-sec is the workaround. upstream apparently included the fix anyway: 3282. [bug] Restrict the TTL of NS RRset to no more than that of the old NS RRset when replacing it. [RT #27792] [RT #27884] |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
bind9 Launchpad, Ubuntu, Debian |
hardy |
Released
(1:9.4.2.dfsg.P2-2ubuntu0.10)
|
| lucid |
Released
(1:9.7.0.dfsg.P1-1ubuntu0.5)
|
|
| maverick |
Ignored
(end of life)
|
|
| natty |
Released
(1:9.7.3.dfsg-1ubuntu2.4)
|
|
| oneiric |
Released
(1:9.7.3.dfsg-1ubuntu4.2)
|
|
| precise |
Released
(1:9.8.1.dfsg.P1-4ubuntu0.1)
|
|
| upstream |
Released
(9.6-ESV-R6,9.7.5,9.8.2)
|