adns Information for VU#457875
Various DNS service implementations generate multiple simultaneous queries for the same resource record
- Vendor Information Help Date Notified: 29 Oct 2002
- Statement Date:
- Date Updated: 15 Nov 2002
adns is not vulnerable. It is a stub resolver library, not a full-service resolver, and does not forward queries.
If the communication between adns and nameserver can be faked up by the attacker, there can be situations where a similar attack might be made to work. These kind of problems are why the adns documentation tells you that you need to make sure that only packets really from your nameserver can arrive at adns with the nameserver's source address and port.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.