The resolver in MaraDNS before 1.3.0.7.15 and 1.4.x before 1.4.12 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a ghost domain names attack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Maradns | Maradns | * | 1.3.07.15 (excluding) |
Maradns | Maradns | 1.4.0 (including) | 1.4.12 (excluding) |