Oval Definition:	oval:org.mitre.oval:def:21570
Revision Date: 2014-02-24 Version: 10 Title: RHSA-2012:1139: bind-dyndb-ldap security update (Important) Description: The dns_to_ldap_dn_escape function in src/ldap_convert.c in bind-dyndb-ldap 1.1.0rc1 and earlier does not properly escape distinguished names (DN) for LDAP queries, which allows remote DNS servers to cause a denial of service (named service hang) via a "$" character in a DN in a DNS query. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2012:1139 CVE-2012-3429 RHSA-2012:1139-01 Platform(s): CentOS Linux 6 Red Hat Enterprise Linux 6 Product(s): bind-dyndb-ldap Definition Synopsis bind-dyndb-ldap is earlier than 0:1.1.0-0.9.b1.el6_3.1 AND Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 OR The operating system installed on the system is CentOS Linux 6.x
BACK