[Dnsmasq-discuss] dnsmasq mishandles some cases when bad dns response packet is received
Geert Stappers
stappers at stappers.nl
Sat Nov 12 08:15:38 UTC 2022
On Sat, Nov 12, 2022 at 10:30:09AM +0800, ZhangJiangyu 张江瑜 via Dnsmasq-discuss wrote:
> Hi,
>
> Description
>
> When the DNS forwarder iteratively queries the malicious domain name
> server, it returns some malformed dns packets, and dnsmasq returns the
> packet to the client without proper verification, which will give the
> user a distrust or malicious data. Other authoritative dns servers
> have done correct verification. there are three bugs below, you can
> start a fake domain name server locally and return specific data.
>
> Steps to reproduce
>
> 1、Turn on a fake name server and return a specific payload.
How?
Groeten
Geert Stappers
--
Silence is hard to parse
More information about the Dnsmasq-discuss
mailing list