Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Djbdns
(D\.j\.bernstein)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2012-02-17 | CVE-2012-1191 | The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. | Djbdns | N/A | ||
| 2009-03-09 | CVE-2009-0858 | The response_addname function in response.c in Daniel J. Bernstein djbdns 1.05 and earlier does not constrain offsets in the required manner, which allows remote attackers, with control over a third-party subdomain served by tinydns and axfrdns, to trigger DNS responses containing arbitrary records via crafted zone data for this subdomain. | Djbdns | N/A | ||
| 2009-02-19 | CVE-2008-4392 | dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query. | Djbdns | N/A |