Category:   Application (Generic)  >   BIND
Vendors:   ISC (Internet Software Consortium)
ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
SecurityTracker Alert ID:  1026647
SecurityTracker URL:  http://securitytracker.com/id/1026647
CVE Reference:   CVE-2012-1033
Date:  Feb 8 2012
Impact:   Modification of system information
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): 9.x
Description:   A vulnerability was reported in BIND. A remote user can cause revoked domain names to remain resolvable.

A remote user can exploit a flaw in the DNS cache update policy to keep a revoked domain name resolvable after the domain name has been deleted from the domain registry and after the associated TTL has expired.

The original advisory was presented at NDSS 2012 ("Ghost Domain Names: Revoked Yet Still Resolvable").

Jian Jiang, Jinjin Liang, Kang Li, Jun Li, Haixin Duan, and Jianping Wu reported this vulnerability.

Impact:   A remote user can cause revoked domain names to remain resolvable.
Solution:   No solution was available at the time of this entry.

The vendor is working on a patch.

The vendor's advisory is available at:

https://www.isc.org/software/bind/advisories/cve-2012-1033

Vendor URL:  www.isc.org/software/bind/advisories/cve-2012-1033
Cause:   State error
Underlying OS:   Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jun 7 2012 (Red Hat Issues Fix) ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable   (bugzilla@redhat.com)
Red Hat has issued a fix for Red Hat Enterprise Linux 5 and 6.
Jun 7 2012 (Red Hat Issues Fix) ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable   (bugzilla@redhat.com)
Red Hat has issued a fix for bind97 for Red Hat Enterprise Linux 5.
Aug 13 2012 (McAfee Issues Fix for McAfee Firewall Enterprise (Sidewinder)) ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
McAfee has issued a fix for McAfee Firewall Enterprise (Sidewinder).
Dec 19 2012 (HP Issues Fix for HP-UX) ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
HP has issued a fix for HP-UX.



 Source Message Contents

Date:  Wed, 08 Feb 2012 20:24:21 +0000
Subject:  ISC BIND


https://www.isc.org/software/bind/advisories/cve-2012-1033

CVE-2012-1033
 
 



Copyright 2014, SecurityGlobal.net LLC