CVE-2012-1193 | Vulnerability Database | Aqua Security

The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a ghost domain names attack.

Affected Software

Name	Vendor	Start Version	End Version
Powerdns_recursor	Powerdns	3.3 (including)	3.3 (including)
Pdns-recursor	Ubuntu	hardy	*
Pdns-recursor	Ubuntu	lucid	*
Pdns-recursor	Ubuntu	maverick	*
Pdns-recursor	Ubuntu	natty	*
Pdns-recursor	Ubuntu	oneiric	*
Pdns-recursor	Ubuntu	precise	*
Pdns-recursor	Ubuntu	quantal	*
Pdns-recursor	Ubuntu	raring	*
Pdns-recursor	Ubuntu	saucy	*
Pdns-recursor	Ubuntu	upstream	*
Pdns-recursor	Ubuntu	utopic	*

References

http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102729.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104173.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104177.html
https://www.isc.org/files/imce/ghostdomain_camera.pdf
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102729.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104173.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104177.html
https://www.isc.org/files/imce/ghostdomain_camera.pdf

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-1193
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html