thr3ads.net - Secure testing team - [Secure-testing-team] Bug#665012: CVE-2012-1570: maradns deleted domain record cache persistance flaw [Mar 2012]

If this information is useful, please help other people find it:
Share via:

Giuseppe Iuculano

2012-Mar-22 10:28 UTC

[Secure-testing-team] Bug#665012: CVE-2012-1570: maradns deleted domain record cache persistance flaw

Package: maradns
Severity: serious
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It was reported that MaraDNS suffers from a flaw where it is susceptible to
spoofing attacks.  Due to an error in the cache update policy, which
does not properly handle revoked domain names, a remote attacker could keep a
domain name resolvable after it has been deleted from the registration.

This flaw is fixed in versions 1.3.0.7.15 and 1.4.12, and is reported to
affect all prior versions.

References:

http://www.maradns.org/changelog.html
https://secunia.com/advisories/48492/
https://bugzilla.redhat.com/show_bug.cgi?id=804770 


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAk9q/sIACgkQNxpp46476arqDQCfSFeWlawN7py9L5lKIE+xR1ix
ATIAn0DxeHe7ugtuET2C9uHbJcAkIwkz
=Pu/Y
-----END PGP SIGNATURE-----

Secure testing team - Mar 2012 - Bug#665012: CVE-2012-1570: maradns deleted domain record cache persistance flaw

[Secure-testing-team] Bug#665012: CVE-2012-1570: maradns deleted domain record cache persistance flaw