{"id":"CVE-2008-4392","details":"dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query.","modified":"2026-04-10T03:40:12.607197Z","published":"2009-02-19T16:30:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/33855"},{"type":"ADVISORY","url":"http://www.your.org/dnscache/"},{"type":"ADVISORY","url":"http://www.your.org/dnscache/djbdns.pdf"},{"type":"FIX","url":"http://www.your.org/dnscache/"},{"type":"WEB","url":"http://www.securityfocus.com/bid/33818"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48807"}],"schema_version":"1.7.5"}