CVE-2012-1033

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.

References

http://marc.info/?l=bugtraq&m=135638082529878&w=2

http://osvdb.org/78916

http://rhn.redhat.com/errata/RHSA-2012-0717.html

http://secunia.com/advisories/47884

http://www.kb.cert.org/vuls/id/542123

http://www.securityfocus.com/bid/51898

http://www.securitytracker.com/id?1026647

https://exchange.xforce.ibmcloud.com/vulnerabilities/73053

https://hermes.opensuse.org/messages/15136456

https://hermes.opensuse.org/messages/15136477

https://www.isc.org/software/bind/advisories/cve-2012-1033

Details

Source: MITRE

Published: 2012-02-08

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.0.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.1.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.1.2:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.1.3:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2.2:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2.2:p3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2.3:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2.4:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2.5:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2.6:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.2.7:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.3.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.3.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.3.2:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.3.3:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.4.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.4.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.4.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.4.2:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.4.3:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.4.3:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.5.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.5.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.5.1:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.5.1:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.0:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.6.0:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*

Tenable Plugins

View all (23 total)

IDNameProductFamilySeverity
137170OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)NessusOracleVM Local Security Checks
high
99569OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)NessusOracleVM Local Security Checks
high
91739OracleVM 3.2 : bind (OVMSA-2016-0055)NessusOracleVM Local Security Checks
high
89039VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check)NessusMisc.
high
78189F5 Networks BIG-IP : BIND vulnerability (SOL15481)NessusF5 Networks Local Security Checks
medium
74678openSUSE Security Update : bind (openSUSE-SU-2012:0863-1)NessusSuSE Local Security Checks
medium
74677openSUSE Security Update : bind (openSUSE-SU-2012:0864-1)NessusSuSE Local Security Checks
medium
69691Amazon Linux AMI : bind (ALAS-2012-84)NessusAmazon Linux Local Security Checks
high
68538Oracle Linux 5 : bind97 (ELSA-2012-0717)NessusOracle Linux Local Security Checks
high
68537Oracle Linux 5 / 6 : bind (ELSA-2012-0716)NessusOracle Linux Local Security Checks
high
6805ISC BIND 9 Cache Update Policy Deleted Domain Name Resolving WeaknessNessus Network MonitorDNS Servers
medium
63319HP-UX PHNE_43369 : s700_800 11.23 BIND 9.2.0 Revision 5.0NessusHP-UX Local Security Checks
medium
62944VMSA-2012-0016 : VMware security updates for vSphere API and ESX Service ConsoleNessusVMware ESX Local Security Checks
high
62355ISC BIND Cache Update Policy Deleted Domain Name Resolving WeaknessNessusDNS
medium
62237GLSA-201209-04 : BIND: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
61325Scientific Linux Security Update : bind on SL5.x, SL6.x i386/x86_64 (20120607)NessusScientific Linux Local Security Checks
high
61324Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 (20120607)NessusScientific Linux Local Security Checks
high
59507Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2012-166-01)NessusSlackware Local Security Checks
high
59424RHEL 5 : bind97 (RHSA-2012:0717)NessusRed Hat Local Security Checks
high
59423RHEL 5 / 6 : bind (RHSA-2012:0716)NessusRed Hat Local Security Checks
high
59414CentOS 5 : bind97 (CESA-2012:0717)NessusCentOS Local Security Checks
high
59413CentOS 5 / 6 : bind (CESA-2012:0716)NessusCentOS Local Security Checks
high
59386Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : bind9 vulnerabilities (USN-1462-1)NessusUbuntu Local Security Checks
high