Back to search
CVE-2012-1033
Published: Feb 8, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
HPSBUX02835
vendor-advisory
x_refsource_HP
isc-bind-update-sec-bypass(73053)
vdb-entry
x_refsource_XF
https://www.isc.org/software/bind/advisories/cve-2012-1033
x_refsource_CONFIRM
1026647
vdb-entry
x_refsource_SECTRACK
47884
third-party-advisory
x_refsource_SECUNIA
SSRT100763
vendor-advisory
x_refsource_HP
openSUSE-SU-2012:0864
vendor-advisory
x_refsource_SUSE
78916
vdb-entry
x_refsource_OSVDB
RHSA-2012:0717
vendor-advisory
x_refsource_REDHAT
VU#542123
third-party-advisory
x_refsource_CERT-VN
openSUSE-SU-2012:0863
vendor-advisory
x_refsource_SUSE
51898
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now