CVE-2008-4392 Information

Description

dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries which makes it easier for remote attackers to spoof DNS responses as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query.

Reference

http://secunia.com/advisories/33855 http://www.securityfocus.com/bid/33818 http://www.your.org/dnscache/ http://www.your.org/dnscache/djbdns.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/48807