Insecure Caching

2019-01-1508:51:44

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

JSON

bind is vulnerable to ghost domain names attack. This is due to a flaw in the way BIND handles the updates of cached name server (NS) resource records. A malicious owner of a DNS domain is able to abuse the vulnerability to keep the domain resolvable by the BIND server even after the delegation has been removed from the parent DNS zone.

CPENameOperatorVersion
bindeq9.7.0__5.P2.el6
bindeq9.7.0__5.P2.el6_0.1
bindeq9.3.3__7.el5
bindeq9.3.4__6.0.3.P1.el5_2
bindeq9.3.6__4.P1.el5_5.3
bindeq9.3.6__16.P1.el5_7.1
bindeq9.3.3__8.el5
bindeq9.3.6__16.P1.el5
bindeq9.7.3__2.el6_1.P1.1
bindeq9.7.3__2.el6_1.P3.3

Name	Operator	Version
bind	eq	9.7.0__5.P2.el6
bind	eq	9.7.0__5.P2.el6_0.1
bind	eq	9.3.3__7.el5
bind	eq	9.3.4__6.0.3.P1.el5_2
bind	eq	9.3.6__4.P1.el5_5.3
bind	eq	9.3.6__16.P1.el5_7.1
bind	eq	9.3.3__8.el5
bind	eq	9.3.6__16.P1.el5
bind	eq	9.7.3__2.el6_1.P1.1
bind	eq	9.7.3__2.el6_1.P3.3