The response_addname function in response.c in Daniel J. Bernstein djbdns 1.05 and previous versions does not constrain offsets in the required manner, which allows remote attackers, with control over a third-party subdomain served by tinydns and axfrdns, to trigger DNS responses containing arbitrary records via crafted zone data for this subdomain.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
d.j.bernstein djbdns |