1. CVE-Search
  2. CVE-2012-1570
ID CVE-2012-1570
Summary The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
References
Vulnerable Configurations
  • cpe:2.3:a:maradns:maradns:1.3.07.10:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.3.07.10:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.3.07.12:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.3.07.12:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.3.07.13:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.3.07.13:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.3.07.14:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.3.07.14:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.01:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.01:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.02:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.02:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.03:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.03:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.04:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.04:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.05:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.05:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.06:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.06:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.07:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.07:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.08:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.08:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.09:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.09:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.10:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.10:*:*:*:*:*:*:*
  • cpe:2.3:a:maradns:maradns:1.4.11:*:*:*:*:*:*:*
    cpe:2.3:a:maradns:maradns:1.4.11:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 14-08-2020 - 17:11)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
confirm
mlist
  • [oss-security] 20120319 CVE request: maradns deleted domain record cache persistance flaw
  • [oss-security] 20120320 Re: CVE request: maradns deleted domain record cache persistance flaw
osvdb 80192
sectrack 1026821
secunia 48492
xf maradns-domain-spoofing(74119)
Last major update 14-08-2020 - 17:11
Published 28-03-2012 - 10:55
Last modified 14-08-2020 - 17:11
Back to Top