PT-2012-4704 · Isc+2 · Bind-Dyndb-Ldap+2
Sigbjorn Lie · Published 2012-08-03 · Updated 2017-08-29 · CVE-2012-3429
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
bind-dyndb-ldap version 1.1.0rc1 and earlier
Description
The issue arises from the dns_to_ldap_dn_escape function in src/ldap_convert.c, which fails to properly escape distinguished names (DNs) for LDAP queries. This allows remote DNS servers to cause a denial of service, specifically a hang of the named service, by including a "$" character in a DN within a DNS query.
Recommendations
For bind-dyndb-ldap version 1.1.0rc1 and earlier, consider disabling the dns_to_ldap_dn_escape function until a patch is available to properly escape distinguished names and prevent the denial of service.
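Added example (not code from bind-dyndb-ldap or from its patch): one way to escape a DNS name for use as an LDAP DN attribute value, turning every byte outside a small allowlist, "$" included, into an RFC 4514 hex pair. The function names, the allowlist and the sample names are assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Allowlist (an assumption of this example): bytes passed through as-is. */
static int dn_safe_byte(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '.' || c == '-' || c == '_';
}

/* Escape len bytes of a DNS name for use as an LDAP DN attribute value.
 * Every byte outside the allowlist becomes an RFC 4514 hex pair "\XX".
 * Returns the escaped length (without the NUL), or -1 on a NULL argument
 * or a too-small buffer; on overflow out is left as an empty string. */
long dn_escape_hex(const unsigned char *in, size_t len, char *out, size_t outsz)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t o = 0;
    if (in == NULL || out == NULL || outsz == 0)
        return -1;
    for (size_t i = 0; i < len; i++) {
        size_t need = dn_safe_byte(in[i]) ? 1 : 3;
        if (o + need >= outsz) {   /* keep one byte for the NUL */
            out[0] = '\0';         /* never hand back a truncated DN */
            return -1;
        }
        if (need == 1) {
            out[o++] = (char)in[i];
        } else {
            out[o++] = '\\';
            out[o++] = hex[in[i] >> 4];
            out[o++] = hex[in[i] & 0x0F];
        }
    }
    out[o] = '\0';
    return (long)o;
}

int main(void)
{
    /* Constructed sample names, including the "$" case from the advisory. */
    const char *samples[] = { "www.example.test", "a$b.example.test", "a,b=c.example.test" };
    char buf[128];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        if (dn_escape_hex((const unsigned char *)samples[i], strlen(samples[i]), buf, sizeof buf) >= 0)
            printf("%-20s -> %s\n", samples[i], buf);
    return 0;
}
```

Failing closed on a short buffer matters here: a truncated DN would name a different LDAP entry than the one the query asked for.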
Exploit
Fix
DoS
RCE
Weakness Enumeration
Related identifiers
Affected products
CentOS
Red Hat
Bind-Dyndb-Ldap