Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2012-1570

The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

Related bugs and status

CVE-2012-1570 (Candidate) is related to these bugs:

Bug #1292441: Please sync with Debian to 2.0.09-2 version

Summary				In	Importance	Status
	1292441	Please sync with Debian to 2.0.09-2 version		maradns (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securitytra...
MISC: http://secunia.com/adv...
MISC: http://osvdb.org/80192
MISC: http://www.openwall.co...
MISC: http://www.openwall.co...
MISC: http://www.maradns.org...
MISC: https://bugzilla.redha...
MISC: https://exchange.xforc...