Misinterpretation of special domain name characters in DNRD (aka Domain Name Relay Daemon) 2.20.3 leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Domain_name_relay_daemon | Domain_name_relay_daemon_project | 2.20.3 (including) | 2.20.3 (including) |
References
- http://dnrd.sourceforge.net/
- https://www.openwall.com/lists/oss-security/2022/08/14/1
- https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner
- https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner
- http://dnrd.sourceforge.net/
- https://www.openwall.com/lists/oss-security/2022/08/14/1
- https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner
- https://www.usenix.org/conference/usenixsecurity22/presentation/jeitner