Isc · Bind-Dyndb-Ldap · CVE-2012-3429
**Name of the Vulnerable Software and Affected Versions**
bind-dyndb-ldap version 1.1.0rc1 and earlier
**Description**
The issue arises from the dns to ldap dn escape function in src/ldap convert.c, which fails to properly escape distinguished names (DN) for LDAP queries. This allows remote DNS servers to cause a denial of service, specifically a named service hang, by including a "$" character in a DN within a DNS query.
**Recommendations**
For bind-dyndb-ldap version 1.1.0rc1 and earlier, consider disabling the dns to ldap dn escape function until a patch is available to properly escape distinguished names and prevent the denial of service.