A Security Problem and Proposed Correction With Widely Deployed DNS Software
RFC 1535, “A Security Problem and Proposed Correction With Widely Deployed DNS Software”, is an Informational document published in October 1993 by E. Gavron. The canonical text is published by the RFC Editor.
Abstract
This document discusses a flaw in some of the currently distributed name resolver clients. The flaw exposes a security weakness related to the search heuristic invoked by these same resolvers when users provide a partial domain name, and which is easy to exploit. This document points out the flaw, a case in point, and a solution. This memo provides information for the Internet community. It does not specify an Internet standard.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 1535 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 1536 Common DNS Implementation Errors and Suggested Fixes
- RFC 1534 Interoperation Between DHCP and BOOTP
- RFC 1537 Common DNS Data File Configuration Errors
- RFC 1533 DHCP Options and BOOTP Vendor Extensions
- RFC 1538 Advanced SNA/IP : A Simple SNA Transport Protocol
- RFC 1532 Clarifications and Extensions for the Bootstrap Protocol
- RFC 1539 The Tao of IETF - A Guide for New Attendees of the Internet Engineering Task Force
- RFC 1531 Dynamic Host Configuration Protocol