Apple Bonjour for Windows mDNSResponder Remote Forged DNS Response Vulnerability

Apple Bonjour for Windows mDNSResponder Remote Forged DNS Response Vulnerability

Apple Bonjour for Windows mDNSResponder is prone to a remote vulnerability that can allow attackers to spoof DNS responses because of a weakness in its DNS protocol implementation.

An attacker may leverage this issue to forge unicast hostname resolution responses in applications that may use the application's API for DNS. Successful exploits allow attackers to redirect network traffic, which can aid in man-in-the-middle attacks.

Versions prior to Bonjour for Windows 1.0.5, included in Apple iTunes 8.0, are vulnerable to this issue.