Symantec Enterprise Firewall DNSD DNS Cache Poisoning Vulnerability

info
discussion
exploit
solution
references

Symantec Enterprise Firewall DNSD DNS Cache Poisoning Vulnerability

It is reported that dnsd is prone to a cache poisoning vulnerability.

Dnsd does not ensure that the data returned from a remote DNS server contains related information about the requested records.

An attacker could exploit this vulnerability to deny service to legitimate users by redirecting traffic to inappropriate hosts. Man-in-the-middle attacks, impersonation of sites, and other attacks may be possible.