Vulnerabilities > CVE-2012-1033 - Security Bypass vulnerability in ISC BIND

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
isc
nessus

Summary

The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. Per: https://www.isc.org/software/bind/advisories/cve-2012-1033 'Solution: On further review, ISC has determined that this is not an issue which needs an immediate patch. The issue is being reviewed at the protocol level and will be addressed there. Implementing DNSSEC is the safest mitigation measure.'

Nessus

  • NASL familyMisc.
    NASL idVMWARE_VMSA-2012-0016_REMOTE.NASL
    descriptionThe remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries : - bind - expat - nspr and nss - python - vSphere API
    last seen2020-06-01
    modified2020-06-02
    plugin id89039
    published2016-02-29
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/89039
    titleVMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(89039);
      script_version("1.5");
      script_cvs_date("Date: 2019/11/19");
    
      script_cve_id(
        "CVE-2011-4940",
        "CVE-2011-4944",
        "CVE-2012-0441",
        "CVE-2012-0876",
        "CVE-2012-1033",
        "CVE-2012-1148",
        "CVE-2012-1150",
        "CVE-2012-1667",
        "CVE-2012-3817",
        "CVE-2012-5703"
      );
      script_bugtraq_id(
        51239,
        51898,
        52379,
        52732,
        53772,
        54083,
        54658,
        56571
      );
      script_xref(name:"VMSA", value:"2012-0016");
    
      script_name(english:"VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check)");
      script_summary(english:"Checks the ESX / ESXi version and build number.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote VMware ESX / ESXi host is missing a security-related patch.");
      script_set_attribute(attribute:"description", value:
    "The remote VMware ESX / ESXi host is missing a security-related patch.
    It is, therefore, affected by multiple vulnerabilities, including
    remote code execution vulnerabilities, in several components and
    third-party libraries :
    
      - bind
      - expat
      - nspr and nss
      - python
      - vSphere API");
      script_set_attribute(attribute:"see_also", value:"http://www.vmware.com/security/advisories/VMSA-2012-0016.html");
      script_set_attribute(attribute:"solution", value:
    "Apply the appropriate patch according to the vendor advisory that
    pertains to ESX version 4.1 or ESXi version  4.1.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-1667");
    
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/11/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/11/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2016/02/29");
    
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Misc.");
    
      script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("vmware_vsphere_detect.nbin");
      script_require_keys("Host/VMware/version", "Host/VMware/release");
      script_require_ports("Host/VMware/vsphere");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    
    version = get_kb_item_or_exit("Host/VMware/version");
    release = get_kb_item_or_exit("Host/VMware/release");
    port    = get_kb_item_or_exit("Host/VMware/vsphere");
    
    # Version + build map
    # https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1014508
    fixes = make_array();
    fixes["ESXi 4.1"] = 874690;
    fixes["ESX 4.1"]  = 874690;
    
    matches = eregmatch(pattern:'^VMware (ESXi?).*build-([0-9]+)$', string:release);
    if (empty_or_null(matches))
      exit(1, 'Failed to extract the ESX / ESXi build number.');
    
    type  = matches[1];
    build = int(matches[2]);
    
    fixed_build = fixes[version];
    
    if (!isnull(fixed_build) && build < fixed_build)
    {
      padding = crap(data:" ", length:8 - strlen(type)); # Spacing alignment
    
      report = '\n  ' + type + ' version' + padding + ': ' + version +
               '\n  Installed build : ' + build +
               '\n  Fixed build     : ' + fixed_build +
               '\n';
    
      security_report_v4(extra:report, port:port, severity:SECURITY_HOLE);
    }
    else
      audit(AUDIT_INST_VER_NOT_VULN, "VMware " + version + " build " + build);
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2012-0716.NASL
    descriptionFrom Red Hat Security Advisory 2012:0716 : Updated bind packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id68537
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68537
    titleOracle Linux 5 / 6 : bind (ELSA-2012-0716)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2012:0716 and 
    # Oracle Linux Security Advisory ELSA-2012-0716 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(68537);
      script_version("1.10");
      script_cvs_date("Date: 2019/09/30 10:58:17");
    
      script_cve_id("CVE-2012-1033", "CVE-2012-1667");
      script_bugtraq_id(51898, 53772);
      script_xref(name:"RHSA", value:"2012:0716");
    
      script_name(english:"Oracle Linux 5 / 6 : bind (ELSA-2012-0716)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2012:0716 :
    
    Updated bind packages that fix two security issues are now available
    for Red Hat Enterprise Linux 5 and 6.
    
    The Red Hat Security Response Team has rated this update as having
    important security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    The Berkeley Internet Name Domain (BIND) is an implementation of the
    Domain Name System (DNS) protocols. BIND includes a DNS server
    (named); a resolver library (routines for applications to use when
    interfacing with DNS); and tools for verifying that the DNS server is
    operating correctly.
    
    A flaw was found in the way BIND handled zero length resource data
    records. A malicious owner of a DNS domain could use this flaw to
    create specially crafted DNS resource records that would cause a
    recursive resolver or secondary server to crash or, possibly, disclose
    portions of its memory. (CVE-2012-1667)
    
    A flaw was found in the way BIND handled the updating of cached name
    server (NS) resource records. A malicious owner of a DNS domain could
    use this flaw to keep the domain resolvable by the BIND server even
    after the delegation was removed from the parent DNS zone. With this
    update, BIND limits the time-to-live of the replacement record to that
    of the time-to-live of the record being replaced. (CVE-2012-1033)
    
    Users of bind are advised to upgrade to these updated packages, which
    correct these issues. After installing the update, the BIND daemon
    (named) will be restarted automatically."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2012-June/002851.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2012-June/002852.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected bind packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-chroot");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-libbind-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-sdb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-utils");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:caching-nameserver");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/02/08");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/06/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5 / 6", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL5", reference:"bind-9.3.6-20.P1.el5_8.1")) flag++;
    if (rpm_check(release:"EL5", reference:"bind-chroot-9.3.6-20.P1.el5_8.1")) flag++;
    if (rpm_check(release:"EL5", reference:"bind-devel-9.3.6-20.P1.el5_8.1")) flag++;
    if (rpm_check(release:"EL5", reference:"bind-libbind-devel-9.3.6-20.P1.el5_8.1")) flag++;
    if (rpm_check(release:"EL5", reference:"bind-libs-9.3.6-20.P1.el5_8.1")) flag++;
    if (rpm_check(release:"EL5", reference:"bind-sdb-9.3.6-20.P1.el5_8.1")) flag++;
    if (rpm_check(release:"EL5", reference:"bind-utils-9.3.6-20.P1.el5_8.1")) flag++;
    if (rpm_check(release:"EL5", reference:"caching-nameserver-9.3.6-20.P1.el5_8.1")) flag++;
    
    if (rpm_check(release:"EL6", reference:"bind-9.7.3-8.P3.el6_2.3")) flag++;
    if (rpm_check(release:"EL6", reference:"bind-chroot-9.7.3-8.P3.el6_2.3")) flag++;
    if (rpm_check(release:"EL6", reference:"bind-devel-9.7.3-8.P3.el6_2.3")) flag++;
    if (rpm_check(release:"EL6", reference:"bind-libs-9.7.3-8.P3.el6_2.3")) flag++;
    if (rpm_check(release:"EL6", reference:"bind-sdb-9.7.3-8.P3.el6_2.3")) flag++;
    if (rpm_check(release:"EL6", reference:"bind-utils-9.7.3-8.P3.el6_2.3")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-devel / bind-libbind-devel / bind-libs / etc");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-1462-1.NASL
    descriptionDan Luther discovered that Bind incorrectly handled zero length rdata fields. A remote attacker could use this flaw to cause Bind to crash or behave erratically, resulting in a denial of service. (CVE-2012-1667) It was discovered that Bind incorrectly handled revoked domain names. A remote attacker could use this flaw to cause malicious domain names to be continuously resolvable even after they have been revoked. (CVE-2012-1033). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id59386
    published2012-06-06
    reporterUbuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59386
    titleUbuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : bind9 vulnerabilities (USN-1462-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-1462-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(59386);
      script_version("1.13");
      script_cvs_date("Date: 2019/09/19 12:54:28");
    
      script_cve_id("CVE-2012-1033", "CVE-2012-1667");
      script_bugtraq_id(51898, 53772);
      script_xref(name:"USN", value:"1462-1");
    
      script_name(english:"Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : bind9 vulnerabilities (USN-1462-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Dan Luther discovered that Bind incorrectly handled zero length rdata
    fields. A remote attacker could use this flaw to cause Bind to crash
    or behave erratically, resulting in a denial of service.
    (CVE-2012-1667)
    
    It was discovered that Bind incorrectly handled revoked domain names.
    A remote attacker could use this flaw to cause malicious domain names
    to be continuously resolvable even after they have been revoked.
    (CVE-2012-1033).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/1462-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns36");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns64");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns69");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdns81");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2012/02/08");
      script_set_attribute(attribute:"patch_publication_date", value:"2012/06/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(8\.04|10\.04|11\.04|11\.10|12\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 10.04 / 11.04 / 11.10 / 12.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"8.04", pkgname:"libdns36", pkgver:"1:9.4.2.dfsg.P2-2ubuntu0.10")) flag++;
    if (ubuntu_check(osver:"10.04", pkgname:"libdns64", pkgver:"1:9.7.0.dfsg.P1-1ubuntu0.5")) flag++;
    if (ubuntu_check(osver:"11.04", pkgname:"libdns69", pkgver:"1:9.7.3.dfsg-1ubuntu2.4")) flag++;
    if (ubuntu_check(osver:"11.10", pkgname:"libdns69", pkgver:"1:9.7.3.dfsg-1ubuntu4.2")) flag++;
    if (ubuntu_check(osver:"12.04", pkgname:"libdns81", pkgver:"1:9.8.1.dfsg.P1-4ubuntu0.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libdns36 / libdns64 / libdns69 / libdns81");
    }
    
  • NASL familyDNS
    NASL idBIND9_990.NASL
    descriptionAccording to its self-reported version number, the remote installation of BIND will continue to allow revoked domain names to be resolved due to an issue related to the cache update policy. Note that Nessus has only relied on the version itself and has not attempted to determine whether or not the install is actually affected.
    last seen2020-06-01
    modified2020-06-02
    plugin id62355
    published2012-09-27
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62355
    titleISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-0717.NASL
    descriptionUpdated bind97 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind97 are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id59424
    published2012-06-08
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59424
    titleRHEL 5 : bind97 (RHSA-2012:0717)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2016-0055.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - Fix issue with patch for CVE-2016-1285 and CVE-2016-1286 found by test suite - Fix (CVE-2016-1285, CVE-2016-1286) - Fix (CVE-2015-8704) - Fix (CVE-2015-8000) - Fix (CVE-2015-5722) - Fix (CVE-2015-5477) - Remove files backup after patching (Related: #1171971) - Fix CVE-2014-8500 (#1171971) - fix race condition in socket module - fix (CVE-2012-5166) - bind-chroot-admin: set correct permissions on /etc/named.conf during update - fix (CVE-2012-4244) - fix (CVE-2012-3817) - fix (CVE-2012-1667) - fix (CVE-2012-1033)
    last seen2020-06-01
    modified2020-06-02
    plugin id91739
    published2016-06-22
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/91739
    titleOracleVM 3.2 : bind (OVMSA-2016-0055)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2012-166-01.NASL
    descriptionNew bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id59507
    published2012-06-15
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59507
    titleSlackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2012-166-01)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-383.NASL
    descriptionFixed domain name resolving flaw: CVE-2012-1033, bnc#746074 Non-security fixes : - more than 40 other bugs fixed (see CHANGES for details) - 9.7.6-P1
    last seen2020-06-05
    modified2014-06-13
    plugin id74678
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74678
    titleopenSUSE Security Update : bind (openSUSE-SU-2012:0863-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201209-04.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201209-04 (BIND: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BIND: Domain names are not properly revoked due to an error in the cache update policy (CVE-2012-1033). BIND accepts records with zero-length RDATA fields (CVE-2012-1667). An assertion failure from the failing-query cache could occur when DNSSEC validation is enabled (CVE-2012-3817). A memory leak may occur under high TCP query loads (CVE-2012-3868). An assertion error can occur when a query is performed for a record with RDATA greater than 65535 bytes (CVE-2012-4244). Impact : A remote attacker may be able to cause a Denial of Service condition or keep domain names resolvable after it has been deleted from registration. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id62237
    published2012-09-24
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62237
    titleGLSA-201209-04 : BIND: Multiple vulnerabilities
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20120607_BIND97_ON_SL5_X.NASL
    descriptionThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind97 are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen2020-03-18
    modified2012-08-01
    plugin id61324
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61324
    titleScientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20120607)
  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2012-0016.NASL
    descriptiona. VMware vSphere API denial of service vulnerability The VMware vSphere API contains a denial of service vulnerability. This issue allows an unauthenticated user to send a maliciously crafted API request and disable the host daemon. Exploitation of the issue would prevent management activities on the host but any virtual machines running on the host would be unaffected. VMware would like to thank Sebastian Tello of Core Security Technologies for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-5703 to this issue. b. Update to ESX service console bind packages The ESX service console bind packages are updated to the following versions : bind-libs-9.3.6-20.P1.el5_8.2 bind-utils-9.3.6-20.P1.el5_8.2 These updates fix multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2012-1033, CVE-2012-1667, and CVE-2012-3817 to these issues. c. Update to ESX service console python packages The ESX service console Python packages are updated to the following versions : python-2.4.3-46.el5_8.2.x86_64 python-libs-2.4.3-46.el5_8.2.x86_64 These updates fix multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-4940, CVE-2011-4944, and CVE-2012-1150 to these issues. d. Update to ESX service console expat package The ESX service console expat package is updated to expat-1.95.8-11.el5_8. This update fixes multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2012-0876 and CVE-2012-1148 to these issues. e. Update to ESX service console nspr and nss packages This patch updates the ESX service console Netscape Portable Runtime and Network Security Services RPMs to versions nspr-4.9.1.4.el5_8 and nss-3.13.5.4.9834, respectively, to resolve multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-0441 to this issue. This patch also resolves a certificate trust issue caused by a fraudulent DigiNotar root certificate.
    last seen2020-06-01
    modified2020-06-02
    plugin id62944
    published2012-11-16
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/62944
    titleVMSA-2012-0016 : VMware security updates for vSphere API and ESX Service Console
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2012-0716.NASL
    descriptionUpdated bind packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id59423
    published2012-06-08
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59423
    titleRHEL 5 / 6 : bind (RHSA-2012:0716)
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHNE_43369.NASL
    descriptions700_800 11.23 BIND 9.2.0 Revision 5.0 : A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely as a domain name revalidation.
    last seen2020-06-01
    modified2020-06-02
    plugin id63319
    published2012-12-21
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63319
    titleHP-UX PHNE_43369 : s700_800 11.23 BIND 9.2.0 Revision 5.0
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2012-0717.NASL
    descriptionFrom Red Hat Security Advisory 2012:0717 : Updated bind97 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind97 are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id68538
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68538
    titleOracle Linux 5 : bind97 (ELSA-2012-0717)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2020-0021.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0021 for details.
    last seen2020-06-10
    modified2020-06-05
    plugin id137170
    published2020-06-05
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137170
    titleOracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2012-84.NASL
    descriptionA flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033)
    last seen2020-06-01
    modified2020-06-02
    plugin id69691
    published2013-09-04
    reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/69691
    titleAmazon Linux AMI : bind (ALAS-2012-84)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL15481.NASL
    descriptionThe resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a
    last seen2020-06-01
    modified2020-06-02
    plugin id78189
    published2014-10-10
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78189
    titleF5 Networks BIG-IP : BIND vulnerability (SOL15481)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2012-0717.NASL
    descriptionUpdated bind97 packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind97 are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id59414
    published2012-06-08
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59414
    titleCentOS 5 : bind97 (CESA-2012:0717)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-382.NASL
    descriptionFixed domain name resolving flaw: CVE-2012-1033, bnc#746074 Non-security fixes : - added TLSA record type - added wire format lookup method to sdb - many many bugfixes (see CHANGES for details) - 9.8.3-P1
    last seen2020-06-05
    modified2014-06-13
    plugin id74677
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74677
    titleopenSUSE Security Update : bind (openSUSE-SU-2012:0864-1)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2017-0066.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578) - Fix and test caching CNAME before DNAME (ISC change 4558) - Fix CVE-2016-9147 (ISC change 4510) - Fix regression introduced by CVE-2016-8864 (ISC change 4530) - Restore SELinux contexts before named restart - Use /lib or /lib64 only if directory in chroot already exists - Tighten NSS library pattern, escape chroot mount path - Fix (CVE-2016-8864) - Do not change lib permissions in chroot (#1321239) - Support WKS records in chroot (#1297562) - Do not include patch backup in docs (fixes #1325081 patch) - Backported relevant parts of [RT #39567] (#1259923) - Increase ISC_SOCKET_MAXEVENTS to 2048 (#1326283) - Fix multiple realms in nsupdate script like upstream (#1313286) - Fix multiple realm in nsupdate script (#1313286) - Use resolver-query-timeout high enough to recover all forwarders (#1325081) - Fix (CVE-2016-2848) - Fix infinite loop in start_lookup (#1306504) - Fix (CVE-2016-2776)
    last seen2020-06-01
    modified2020-06-02
    plugin id99569
    published2017-04-21
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/99569
    titleOracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20120607_BIND_ON_SL5_X.NASL
    descriptionThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen2020-03-18
    modified2012-08-01
    plugin id61325
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/61325
    titleScientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64 (20120607)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2012-0716.NASL
    descriptionUpdated bind packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to-live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) Users of bind are advised to upgrade to these updated packages, which correct these issues. After installing the update, the BIND daemon (named) will be restarted automatically.
    last seen2020-06-01
    modified2020-06-02
    plugin id59413
    published2012-06-08
    reporterThis script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59413
    titleCentOS 5 / 6 : bind (CESA-2012:0716)

Redhat

advisories
rhsa
idRHSA-2012:0717
rpms
  • bind-30:9.3.6-20.P1.el5_8.1
  • bind-32:9.7.3-8.P3.el6_2.3
  • bind-chroot-30:9.3.6-20.P1.el5_8.1
  • bind-chroot-32:9.7.3-8.P3.el6_2.3
  • bind-debuginfo-30:9.3.6-20.P1.el5_8.1
  • bind-debuginfo-32:9.7.3-8.P3.el6_2.3
  • bind-devel-30:9.3.6-20.P1.el5_8.1
  • bind-devel-32:9.7.3-8.P3.el6_2.3
  • bind-libbind-devel-30:9.3.6-20.P1.el5_8.1
  • bind-libs-30:9.3.6-20.P1.el5_8.1
  • bind-libs-32:9.7.3-8.P3.el6_2.3
  • bind-sdb-30:9.3.6-20.P1.el5_8.1
  • bind-sdb-32:9.7.3-8.P3.el6_2.3
  • bind-utils-30:9.3.6-20.P1.el5_8.1
  • bind-utils-32:9.7.3-8.P3.el6_2.3
  • caching-nameserver-30:9.3.6-20.P1.el5_8.1
  • bind97-32:9.7.0-10.P2.el5_8.1
  • bind97-chroot-32:9.7.0-10.P2.el5_8.1
  • bind97-debuginfo-32:9.7.0-10.P2.el5_8.1
  • bind97-devel-32:9.7.0-10.P2.el5_8.1
  • bind97-libs-32:9.7.0-10.P2.el5_8.1
  • bind97-utils-32:9.7.0-10.P2.el5_8.1

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 51898 CVE ID: CVE-2012-1033 BIND是一个应用非常广泛的DNS协议实现,由ISC负责维护,具体的开发由Nominum公司完成。 ISC BIND在缓存更新策略的实现上存在无法正确处理废弃域名的安全限制绕过漏洞,可导致从注册表中删除后还可以解析域名。 0 ISC BIND 9.2.x ISC BIND 9.3.x ISC BIND 9.4.x ISC BIND 9.5.x ISC BIND 9.6.x ISC BIND 9.7.x ISC BIND 9.8.x 厂商补丁: ISC --- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.isc.org/
idSSV:30099
last seen2017-11-19
modified2012-02-09
published2012-02-09
reporterRoot
titleISC BIND安全限制绕过漏洞(CVE-2012-1033)