bind-dyndb-ldap dns_to_ldap_dn_escape() denial of service
binddyndbldap-dnstoldapdnescape-dos (77391)
Description:
The Bind DynDB LDAP bind-dyndb-ldap package is vulnerable to a denial of service, caused by an error in the dns_to_ldap_dn_escape() function when escaping DN values for the LDAP query. A remote attacker could exploit this vulnerability to cause the named process to hang.
CVSS:*
| Base Score: | 5 |
| Access Vector: | Network |
| Access Complexity: | Low |
| Authentication: | None |
| Confidentiality Impact: | None |
| Integrity Impact: | None |
| Availability Impact: | Partial |
| Temporal Score: | 3.7 |
| Exploitability: | Unproven |
| Remediation Level: | Official-Fix |
| Report Confidence: | Confirmed |
Consequences:
Denial of Service
Remedy:
Apply the patch for this vulnerability, available from the Bind DynDB LDAP GIT Repository. See References.
References:
- Bind DynDB LDAP GIT Repository: Fix and harden DNS-to-LDAP name conversion. Fixes CVE-2012-3429.
- BID-54787: Bind DynDB LDAP CVE-2012-3429 Package Remote Denial of Service Vulnerability
- CVE-2012-3429: The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier does not properly escape distinguished names (DN) for LDAP queries, which allows remote DNS servers to cause a denial of service (named service hang) via a $ character in a DN in a DNS query.
- OSVDB ID: 84437: bind-dyndb-ldap src/ldap_convert.c dns_to_ldap_dn_escape() Function LDAP Query DN Value Escaping Remote DoS
- RHSA-2012-1139: Important: bind-dyndb-ldap security update
- SA50086: bind-dyndb-ldap DN Escaping Denial of Service Vulnerability
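The description and the CVE entry above say the escaper mishandled a `$` in a DN value when building the LDAP query. As an added example (not bind-dyndb-ldap's own code; the function name and the decision to reject NUL bytes are assumptions), the block below shows what a bounded, RFC 4514-style escaper for DNS-derived DN values looks like: every input byte is consumed exactly once, `$` is copied through like any ordinary byte, and the output bound is checked before each write.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Added example, not bind-dyndb-ldap's own code: a hardened escaper for one
 * DNS-derived string that will become an LDAP DN attribute value. Characters
 * RFC 4514 treats as special get a backslash; everything else, '$' included,
 * is copied through once and never re-scanned, so the loop is bounded by
 * in_len and cannot spin on any input byte. Returns the escaped length
 * (without the NUL), or -1 if the value contains NUL or out is too small. */
int dn_value_escape(const char *in, size_t in_len, char *out, size_t out_size)
{
    static const char specials[] = ",=+<>#;\\\"";   /* RFC 4514 section 2.4 */
    size_t o = 0;

    for (size_t i = 0; i < in_len; i++) {
        unsigned char c = (unsigned char)in[i];
        if (c == '\0')
            return -1;                 /* NUL is not accepted in a DN value here */
        bool esc = strchr(specials, c) != NULL;
        /* a leading space or '#' and a trailing space must be escaped too */
        if ((i == 0 && (c == ' ' || c == '#')) || (i + 1 == in_len && c == ' '))
            esc = true;
        if (o + (esc ? 2u : 1u) + 1 > out_size)
            return -1;                 /* no room for this byte plus the NUL */
        if (esc)
            out[o++] = '\\';
        out[o++] = (char)c;
    }
    out[o] = '\0';
    return (int)o;
}

/* Helper: 1 if escaping `in` into a 64-byte buffer yields exactly `expected`. */
int escapes_to(const char *in, const char *expected)
{
    char buf[64];
    int n = dn_value_escape(in, strlen(in), buf, sizeof buf);
    return n >= 0 && strcmp(buf, expected) == 0;
}

/* Helper: 1 if escaping `in` into a buffer of `out_size` bytes is refused. */
int escape_refused(const char *in, size_t out_size)
{
    char buf[64];
    return dn_value_escape(in, strlen(in), buf, out_size) == -1;
}
```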
Platforms Affected:
- Bind DynDB LDAP bind-dyndb-ldap
- RedHat Enterprise Linux 6 Server
- RedHat Enterprise Linux 6 Workstation
Reported:
Aug 01, 2012
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@us.ibm.com
* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
