PT-2014-2241 · Isc+2 · Bind-Dyndb-Ldap+2

Ronald Van Zantvoort · Published 2012-05-21 · Updated 2014-03-10 · CVE-2012-2134

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

bind-dyndb-ldap versions prior to 1.1.0rc1

Description

The issue arises from the handle_connection_error function in ldap_helper.c, which fails to properly handle LDAP query errors. Remote attackers can exploit this to cause a denial of service: the named server enters an infinite loop and hangs. The attack is triggered by including a non-alphabet character in the base DN of an LDAP search DNS query.

Recommendations

For versions prior to 1.1.0rc1, update to version 1.1.0rc1 or later to resolve the issue. As a temporary workaround, consider restricting the input allowed in the base DN of LDAP search DNS queries so that non-alphabet characters cannot be included.

Fix

DoS

Related Identifiers

CESA-2012_0683
CVE-2012-2134
RHSA-2012:0683
RHSA-2012_0683

Affected Products

CentOS
Red Hat
Bind-Dyndb-Ldap