CVE-2012-1033

Public on 2012-02-08
Modified on 2014-09-14
Description
The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
Severity
Low severity
Low
See what this means
CVSS v3 Base Score
4.3
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 bind 2012-06-10 ALAS-2012-84 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv2 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2012-1033 Mitre: CVE-2012-1033