Описание
ELSA-2012-1139: bind-dyndb-ldap security update (IMPORTANT)
[1.1.0-0.9.b1.1]
- fix CVE-2012-3429
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
bind-dyndb-ldap
1.1.0-0.9.b1.el6_3.1
Oracle Linux i686
bind-dyndb-ldap
1.1.0-0.9.b1.el6_3.1
Связанные CVE
Связанные уязвимости
The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier does not properly escape distinguished names (DN) for LDAP queries, which allows remote DNS servers to cause a denial of service (named service hang) via a "$" character in a DN in a DNS query.
The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier does not properly escape distinguished names (DN) for LDAP queries, which allows remote DNS servers to cause a denial of service (named service hang) via a "$" character in a DN in a DNS query.
The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb ...
The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier does not properly escape distinguished names (DN) for LDAP queries, which allows remote DNS servers to cause a denial of service (named service hang) via a "$" character in a DN in a DNS query.