An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTechnitium Dns Server
APPTechnitium≤ 8.0.2
Powiązane podatności
An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain nam...
Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an...
A vulnerability in the bailiwick checking function in Technitium DNS Server <= v7.0 exists that allows specifi...
Technitium DNS Server before 15.0 allows DNS traffic amplification via cyclic name server delegation.
An issue in Technitium DNS Server v.13.5 allows a remote attacker to cause a denial of service via the rate-li...