Back to search
CVE-2012-1570
Published: Mar 28, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20120320 Re: CVE request: maradns deleted domain record cache persistance flaw
mailing-list
x_refsource_MLIST
maradns-domain-spoofing(74119)
vdb-entry
x_refsource_XF
[oss-security] 20120319 CVE request: maradns deleted domain record cache persistance flaw
mailing-list
x_refsource_MLIST
48492
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=804770
x_refsource_CONFIRM
80192
vdb-entry
x_refsource_OSVDB
1026821
vdb-entry
x_refsource_SECTRACK
http://www.maradns.org/changelog.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now