Skip to content
Threat Feed

Vendor

Hickory DNS

1 brief RSS
medium advisory

Hickory DNS Recursor Cache Poisoning via Sibling Zone Delegation

The experimental `hickory-recursor` crate in Hickory DNS is vulnerable to cross-zone cache poisoning due to storing DNS records keyed by record name/type instead of query, enabling an attacker to redirect queries for a victim zone to an attacker-controlled nameserver.

hickory-recursor +1 dns cache-poisoning zone-delegation
2r