PT-2002-1562 · Gnu+1 · Nscd+1
Published
2002-08-12
·
Updated
2008-09-05
·
CVE-2002-0511
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Caldera OpenLinux versions 3.1 through 3.1.1
Description
The default configuration of the Name Service Cache Daemon (nscd) uses cached PTR records instead of consulting the authoritative DNS server for the A record. This could make it easier for remote attackers to bypass applications that restrict access based on host names.
Recommendations
For Caldera OpenLinux versions 3.1 through 3.1.1, consider reconfiguring the nscd to consult the authoritative DNS server for the A record instead of relying on cached PTR records.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Caldera Openlinux
Nscd