Detections
Analytics

MiracleLinux 4 : bind-dyndb-ldap-1.1.0-0.9.b1.0.2.AXS4 (AXSA:2012-800:03)

high Nessus Plugin ID 283891

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-800:03 advisory.

 This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server.
 Security issues fixed with this release;
 CVE-2012-2134 No description available at the time of writing, please use the CVE links below.
 Bug Fixes Improved the parsing of Resource Records (RR). If a RR is invalid, the bind-dyndb-ldap plug-in logs a Failed to parse RR entry error message and the rest of the zone continues to load as expected.
 The bind-dyndb-ldap plugin tried only once to connect to an LDAP server. If it failed, it did not try again and users had to run rndc reload to make the plugin work again. This has been fixed, the plugin retries periodically until it succeeds and user intervention is not necessary.
 After the zone_refresh period timed out and despite the zone being removed from the LDAP server, the plug-in would still serve the zone. This has been fixed.
 The plugin could sometimes make the named daemon crashed. This has been fixed.
 If the named daemon momentarily lost connection to an LDAP server, and if some zones previously present had been removed from the server during the time named was not connected, the plug-in would crash. This has been fixed.
 Fixed some string lengths that resulted in the Start of Authority (SOA) serial number and expiry time being incorrectly set during the ipa-server installation. This has been fixed.
 It now escapes special characters DNS names in queries correctly.
 Fixed the delegation of A or AAAA glue records in the additional section of a DNS answer: delegated zones are correctly resolvable.
 Enhancements Added idnsAllowQuery and idnsAllowTransfer, two new attributes used to set ACLs for queries or transfers.
 Added idnsForwarders and idnsForwardPolicy, two new attributes used to configure forwarding.
 Added support for zone transfers.
 Added sync_ptr, a new option used to keep A and AAAA records and their PTR records synchronized.
 Previously, the plug-in configuration was taken from the named.conf file. Now it is also available from idnsConfigObject in LDAP, which has a higher priority than named.conf, although this will change in the future.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected bind-dyndb-ldap package.

See Also

https://tsn.miraclelinux.com/en/node/3339

Plugin Details

Severity: High

ID: 283891

File Name: miracle_linux_AXSA-2012-800.nasl

Version: 1.1

Type: local

Published: 1/14/2026

Updated: 1/14/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2012-2134

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:bind-dyndb-ldap

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 8/20/2012

Vulnerability Publication Date: 4/24/2012

Reference Information

CVE: CVE-2012-2134