Re: CVE request: maradns deleted domain record cache persistance flaw

[Kurt Seifried <kseifried () redhat com>]

On 03/19/2012 10:18 PM, Vincent Danen wrote:
> I haven't seen a request for this yet:
>
> It was reported that MaraDNS suffers from a flaw where it is susceptible to
> spoofing attacks.  Due to an error in the cache update policy, which
> does not
> properly handle revoked domain names, a remote attacker could keep a domain
> name resolvable after it has been deleted from the registration.
>
> This flaw is fixed in versions 1.3.0.7.15 and 1.4.12, and is reported to
> affect
> all prior versions.
>
> References:
>
> http://www.maradns.org/changelog.html
> https://secunia.com/advisories/48492/
> https://bugzilla.redhat.com/show_bug.cgi?id=804770

Please use CVE-2012-1570 for this issue.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)