CVE-2022-30256

2022-11-1900:00:00

ubuntu.com

maradns deadwood

unintended resolution

exploit impact

dns specifications

operational practices

ghost domain names

unix

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.002

Percentile

54.1%

JSON

An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows
variant V1 of unintended domain name resolution. A revoked domain name can
still be resolvable for a long time, including expired domains and
taken-down malicious domains. The effects of an exploit would be widespread
and highly impactful, because the exploitation conforms to de facto DNS
specifications and operational practices, and overcomes current mitigation
patches for “Ghost” domain names.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchmaradns< 2.0.13-1.2ubuntu0.1~esm1UNKNOWN
ubuntu20.04noarchmaradns< 2.0.13-1.4+deb11u1build0.20.04.1UNKNOWN
ubuntu22.04noarchmaradns< 2.0.13-1.4+deb11u1build0.22.04.1UNKNOWN
ubuntu23.04noarchmaradns< 2.0.13-1.4+deb11u1build0.23.04.1UNKNOWN
ubuntu16.04noarchmaradns< 2.0.13-1ubuntu0.1~esm1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	maradns	< 2.0.13-1.2ubuntu0.1~esm1	UNKNOWN
ubuntu	20.04	noarch	maradns	< 2.0.13-1.4+deb11u1build0.20.04.1	UNKNOWN
ubuntu	22.04	noarch	maradns	< 2.0.13-1.4+deb11u1build0.22.04.1	UNKNOWN
ubuntu	23.04	noarch	maradns	< 2.0.13-1.4+deb11u1build0.23.04.1	UNKNOWN
ubuntu	16.04	noarch	maradns	< 2.0.13-1ubuntu0.1~esm1	UNKNOWN