Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
  home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability alert CVE-2012-1667

BIND: denial of service via rdata null

Synthesis of the vulnerability

An attacker can use a zone containing an empty record, in order to stop a recursive DNS server, or to obtain fragments of its memory.
Impacted products: Debian, BIG-IP Appliance, Fedora, FreeBSD, HP-UX, AIX, BIND, MES, Mandriva Linux, McAfee Email and Web Security, NLD, OpenBSD, openSUSE, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, ESX.
Severity: 2/4.
Creation date: 04/06/2012.
Identifiers: BID-53772, c03388901, c03526327, CERTA-2012-AVI-305, CERTA-2012-AVI-305-001, CERTA-2012-AVI-348, CERTA-2012-AVI-364, CERTA-2012-AVI-601, CERTA-2012-AVI-663, CVE-2012-1667, DSA 2486-1, ESX410-201211001, ESX410-201211401-SG, ESX410-201211402-SG, ESX410-201211405-SG, ESX410-201211407-SG, FEDORA-2012-8946, FEDORA-2012-8962, FEDORA-2012-8968, FreeBSD-SA-12:03.bind, HPSBUX02795, HPSBUX02823, IV22554, IV22555, IV22556, IV22557, IV22625, MDVSA-2012:089, openSUSE-SU-2012:0722-1, openSUSE-SU-2013:0605-1, RHSA-2012:0716-01, RHSA-2012:0717-01, RHSA-2012:1110-01, sol13175, SOL13660, SSA:2012-166-01, SSA:2012-341-01, SSRT100878, SSRT100976, SUSE-SU-2012:0741-1, SUSE-SU-2012:0741-2, SUSE-SU-2012:0741-3, SUSE-SU-2012:0741-4, SUSE-SU-2012:0741-5, SUSE-SU-2012:0741-6, VIGILANCE-VUL-11671, VMSA-2012-0016, VU#381699.

Description of the vulnerability

A DNS record contains data (rdata, Record Data), such as a server name or an IP address.

These data can have an empty size. However, BIND processes this case with a NULL pointer, which is handled in a special way. BIND then tries to read data at an invalid memory address. This leads to a stop or to the disclosure of a memory area.

This case occurs when BIND is configured as a recursive server, and queries the attacker's server containing an empty record. This case also occurs when an authoritative server contains an empty record, so secondary servers can memorize an invalid value in their cache.

An attacker can therefore use a zone containing an empty record, in order to stop a recursive DNS server, or to obtain fragments of its memory.
Complete Vigil@nce bulletin.... (free access)

Share this bulletin

Delicious Digg Facebook Google bookmarks LinkedIn Mail Reddit StumbleUpon Technorati Twitter 

Computer vulnerabilities tracking service

Vigil@nce provides computers vulnerabilities alerts. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.



















Copyright 1999-2013 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française