User: Password:
|
|
Subscribe / Log in / New account

bind-dyndb-ldap: denial of service

Package(s):bind-dyndb-ldap CVE #(s):CVE-2012-2134
Created:May 16, 2012 Updated:May 23, 2012
Description: From the Red Hat bugzilla:

A denial of service flaw was found in the way the bind-dyndb-ldap, a dynamic LDAP back-end plug-in for BIND providing LDAP database back-end capabilities, performed LDAP connection errors handling / attempted to recover, when an error during a LDAP search happened for a particular DNS query. When the Berkeley Internet Name Domain (BIND) server was patched to support dynamic loading of database back-ends, and the LDAP database back-end was enabled, a remote attacker could use this flaw to cause denial of service (named process hang) via DNS query for zone served by bind-dyndb-ldap.

Alerts:
Fedora FEDORA-2012-6759 bind-dyndb-ldap 2012-05-15
Fedora FEDORA-2012-6722 bind-dyndb-ldap 2012-05-15
CentOS CESA-2012:0683 bind-dyndb-ldap 2012-05-21
Oracle ELSA-2012-0683 bind-dyndb-ldap 2012-05-22
Scientific Linux SL-bind-20120522 bind-dyndb-ldap 2012-05-22
Red Hat RHSA-2012:0683-01 bind-dyndb-ldap 2012-05-21

(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds