Launchpad CVE tracker

CVE 2012-1667

ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.

Related bugs and status

CVE-2012-1667 (Candidate) is related to these bugs:

Bug #1008845: (CVE-2012-1667) <bind9-1:9.8.3-p1 : Handling of zero length rdata can cause named to terminate unexpectedly (CVE-2012-1667)

Summary				In	Importance	Status
	1008845	(CVE-2012-1667) <bind9-1:9.8.3-p1 : Handling of zero length rdata can cause named to terminate unexpectedly (CVE-2012-1667)		bind9 (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.isc.org/sof...
CONFIRM: https://kb.isc.org/art...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2012-09-19-2
REDHAT: RHSA-2012:1110
SECUNIA: 51096
MANDRIVA: MDVSA-2012:089
BID: 53772
CONFIRM: https://h20564.www2.hp...
HP: HPSBUX02795
HP: SSRT100878
SLACKWARE: SSA:2012-341-01
DEBIAN: DSA-2486
SUSE: SUSE-SU-2012:0741
SUSE: openSUSE-SU-2012:0722
CERT-VN: VU#381699
REDHAT: RHSA-2012:0717

Launchpad.net

CVE 2012-1667

Related bugs and status

Related bugs

References