5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.01 Low
EPSS
Percentile
83.5%
ISC BIND 9 resolver contains a vulnerability that could allow a attacker to keep a domain name in the cache even after it has been deleted from registration.
According to ISC:
I__SC has been notified by Haixin Duan (a professor at Tsinghua University in Beijing China, who is currently visiting the International Computer Science Institute (ICSI) at the University of California, Berkeley) about a DNS resolver vulnerability. This vulnerability allows a miscreant to keep a domain name in the cache even after it has been deleted from registration. ISC is evaluating the risk of this vulnerability, but the published paper shows how this was done live across the Internet. It lists several DNS implementations and open resolver deployments as vulnerable.
The exploit was presented at the NDSS conference: "Ghost Domain Names: Revoked Yet Still Resolvable."
A remote, unauthenticated attacker can cause the BIND 9 resolver to keep a domain name in the cache even after it has been deleted from registration.
We are currently unaware of a practical solution to this problem.
542123
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: February 08, 2012
Affected
We have not received a statement from the vendor.
We are not aware of further vendor information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | 5 | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Temporal | 3.9 | E:POC/RL:OF/RC:C |
Environmental | 3.9 | CDP:ND/TD:H/CR:ND/IR:ND/AR:ND |
The Internet Systems Consortium thanks the following people for reporting this vulnerability:Jian Jiang, Network Research Center, Tsinghua UniversityHaixin Duan, Network Research Center, Tsinghua UniversityJianping Wu, Network Research Center, Tsinghua UniversityKang Li, Department of Computer Science, University of GeorgiaJun Li, University of Oregon Carlos III University of Madrid, Institute IMDEA NetworksJinjin Liang, Network Research Center Tsinghua UniversityNicholas Weaver, International Computer Science Institute (ICSI)
This document was written by Michael Orlando.
CVE IDs: | CVE-2012-1033 |
---|---|
Severity Metric: | 19.89 Date Public: |