Input validation error in djbdns - CVE-2012-1191
Published: February 18, 2012 / Updated: August 11, 2020
Vulnerability identifier: #VU44265
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2012-1191
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: cr.yp.to
Affected software:
djbdns
djbdns
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to manipulate or delete data.
The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
How to mitigate CVE-2012-1191
Install update from vendor's website.