Описание
The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 2.0.09-1 |
| cosmic | not-affected | 2.0.09-1 |
| devel | not-affected | 2.0.09-1 |
| esm-apps/bionic | not-affected | 2.0.09-1 |
| esm-apps/xenial | not-affected | 2.0.09-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.0.09-1]] |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 over ...
The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
EPSS
4.3 Medium
CVSS2