The resolver in Unbound before 1.4.11 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
References
Link | Resource |
---|---|
https://www.isc.org/files/imce/ghostdomain_camera.pdf |
Configurations
Configuration 1 (hide)
|
Information
Published : 2012-02-17 14:55
Updated : 2012-02-19 21:00
NVD link : CVE-2012-1192
Mitre link : CVE-2012-1192
JSON object : View
CWE
Products Affected
unbound
- unbound