Detections
Analytics

MiracleLinux 4 : bind-dyndb-ldap-1.1.0-0.9.b1.0.1.AXS4 (AXSA:2012-575:02)

high Nessus Plugin ID 284066

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-575:02 advisory.

 This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server.
 Security issues fixed with this release;
 CVE-2012-2134 No description available at the time of writing, please use the CVE links below.
 Bug Fixes If a zone contained an invalid Resource Record (RR) with the same Fully Qualified Domain Name (FQDN) as the zone name, the bind-dyndb-ldap plug-in refused to load the entire zone. This has been fixed: if an invalid RR is encountered, an error message Failed to parse RR entry is logged and the zone continues to load.
 The bind-dyndb-ldap plug-in stopped after the first failure to connect to an LDAP server and users had to execute rndc reload to make the plug-in work. This has been fixed: the plug-in retries to connect periodically and no user intervention is required.
 Even after the zone_refresh period timed out and a zone was removed from the LDAP server, the plug-in continued to serve the removed zone. This has been fixed.
 When the named daemon received the rndc reload command or a SIGHUP signal and the plug-in failed to connect to an LDAP server, the plug-in caused named to crash when it received a query which belonged to a zone previously handled by the plug-in. This has been fixed.
 If the named daemon lost connection to an LDAP server for some time and then some zones previously present had been removed from LDAP before a successful reconnection, the plug-in crashed. This has been fixed.
 Fixed the length of some strings so that the SOA serial number and the expiry time fot the forward zone are set correctly during ipa-server installation.
 With sub-domains delegated to other DNS servers, the bind-dyndb-ldap plugin managing the top-domain DNS failed to put A or AAAA glue records in the additional section of a DNS answer and sub-domains were not accessible by other DNS servers.This has been fixed.
 The plug-in now correctly returns answers for queries with non-ASCII characters.
 Enhancements Now supports two new attributes, idnsAllowQuery and idnsAllowTransfer, which can be used to set ACLs for queries or transfers.
 Now supports the new zone attributes idnsForwarders and idnsForwardPolicy which can be used to configure forwarding.
 Now supports zone transfers.
 Added a new option called sync_ptr that can be used to keep A and AAAA records and their PTR records synchronized.
 It is now possible to store configuration for the plug-in in LDAP with idnsConfigObject. Options set through this have higher priority than the ones from the named.conf file.
 Refer to /usr/share/doc/bind-dyndb-ldap/README for more information about the new options and attributes.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected bind-dyndb-ldap package.

See Also

https://tsn.miraclelinux.com/en/node/3090

Plugin Details

Severity: High

ID: 284066

File Name: miracle_linux_AXSA-2012-575.nasl

Version: 1.1

Type: local

Published: 1/14/2026

Updated: 1/14/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2012-2134

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:bind-dyndb-ldap

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 7/24/2012

Vulnerability Publication Date: 4/24/2012

Reference Information

CVE: CVE-2012-2134