A Security Problem and Proposed Correction With Widely Deployed DNS Software, October 1993
- Canonical URL:
- File formats:
- E. Gavron
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
This document discusses a flaw in some of the currently distributed name resolver clients. The flaw exposes a security weakness related to the search heuristic invoked by these same resolvers when users provide a partial domain name, and which is easy to exploit. This document points out the flaw, a case in point, and a solution. This memo provides information for the Internet community. It does not specify an Internet standard.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 4844.