CVE-2012-1033

2012-02-0800:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.5%

JSON

The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names
and TTL values in NS records during the processing of a response to an A
record query, which allows remote attackers to trigger continued
resolvability of revoked domain names via a “ghost domain names” attack.

Bugs

<https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1033>

Notes

Author	Note
mdeslaur	upstream advisory says they won’t be releasing a fix for this dns-sec is the workaround. upstream apparently included the fix anyway: 3282. [bug] Restrict the TTL of NS RRset to no more than that of the old NS RRset when replacing it. [RT #27792] [RT #27884]

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchbind9< 1:9.4.2.dfsg.P2-2ubuntu0.10UNKNOWN
ubuntu10.04noarchbind9< 1:9.7.0.dfsg.P1-1ubuntu0.5UNKNOWN
ubuntu11.04noarchbind9< 1:9.7.3.dfsg-1ubuntu2.4UNKNOWN
ubuntu11.10noarchbind9< 1:9.7.3.dfsg-1ubuntu4.2UNKNOWN
ubuntu12.04noarchbind9< 1:9.8.1.dfsg.P1-4ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	bind9	< 1:9.4.2.dfsg.P2-2ubuntu0.10	UNKNOWN
ubuntu	10.04	noarch	bind9	< 1:9.7.0.dfsg.P1-1ubuntu0.5	UNKNOWN
ubuntu	11.04	noarch	bind9	< 1:9.7.3.dfsg-1ubuntu2.4	UNKNOWN
ubuntu	11.10	noarch	bind9	< 1:9.7.3.dfsg-1ubuntu4.2	UNKNOWN
ubuntu	12.04	noarch	bind9	< 1:9.8.1.dfsg.P1-4ubuntu0.1	UNKNOWN