"ghost domain names" attack CVE-2012-1193
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pdns-recursor (Ubuntu) |
Fix Released
|
Low
|
Unassigned | ||
Precise |
Won't Fix
|
Low
|
Unassigned |
Bug Description
http://
I'm not using 12.04 or PowerDNS Recursor, but I hope the following patches will help someone else fix the issue.
https:/
From http://
"While Recursor 3.3 was not vulnerable to the specific attack noted in 'Ghost Domain Names: Revoked Yet Still Resolvable', further investigation showed that a variant of the attack could work. This was fixed in r3085."
http://
related:
http://
http://
http://
There's also the following upstream bug:
http://
CVE References
information type: | Private Security → Public |
information type: | Public → Public Security |
tags: |
added: precise removed: cve-2012-1193 |
Changed in pdns-recursor (Ubuntu): | |
importance: | Undecided → Low |
Changed in pdns-recursor (Ubuntu Precise): | |
importance: | Undecided → Low |
status: | New → Confirmed |
Changed in pdns-recursor (Ubuntu): | |
status: | New → Fix Released |
The Precise Pangolin has reached end of life, so this bug will not be fixed for that release