[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2012:0683-01 -- Redhat bind-dyndb-ldap

ID: oval:org.secpod.oval:def:500801Date: (C)2012-05-22   (M)2023-12-07
Class: PATCHFamily: unix




The dynamic LDAP back end is a plug-in for BIND that provides back-end capabilities to LDAP databases. It features support for dynamic updates and internal caching that help to reduce the load on LDAP servers. A flaw was found in the way bind-dyndb-ldap handled LDAP query errors. If a remote attacker were able to send DNS queries to a named server that is configured to use bind-dyndb-ldap, they could trigger such an error with a DNS query leveraging bind-dyndb-ldap"s insufficient escaping of the LDAP base DN . This would result in an invalid LDAP query that named would retry in a loop, preventing it from responding to other DNS queries. With this update, bind-dyndb-ldap only attempts to retry one time when an LDAP search returns an unexpected error. Red Hat would like to thank Ronald van Zantvoort for reporting this issue. All bind-dyndb-ldap users should upgrade to this updated package, which contains a backported patch to correct this issue. For the update to take effect, the named service must be restarted.

Platform:
Red Hat Enterprise Linux 6
Product:
bind-dyndb-ldap
Reference:
RHSA-2012:0683-01
CVE-2012-2134
CVE    1
CVE-2012-2134
CPE    11
cpe:/a:martin_nagy:bind-dyndb-ldap:1.0.0:b1
cpe:/o:redhat:enterprise_linux:6
cpe:/a:martin_nagy:bind-dyndb-ldap:0.2.0
cpe:/a:martin_nagy:bind-dyndb-ldap:1.0.0:rc1
...

© SecPod Technologies