Note:
This project will be discontinued after December 13, 2021. [more]
2012-02-17
The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
Products | Djbdns |
Type | Improper Input Validation (CWE-20) |
First patch | - None (likely due to unavailable code) |
Links | https://www.isc.org/files/imce/ghostdomain_camera.pdf |