Home / Vulnerability Database / C or C++ : DNS lookup usage for an authentication

C/C++

C or C++ : DNS lookup usage for an authentication

Classification

OWASP Top 10 2021

A4-Insecure Design

CWE

CWE-350 CWE-807

CWE/SANS Top 25 2011

CWE-807

Overview

Usage of gethostbyaddr and gethostbyname functions for an authentication purposes is unsafe because of the return value could be modified by an attacker.

References

CWE-350

LOW

C or C++ : DNS lookup usage for an authentication

Classification

Overview

References

DerScanner Severity Score

Do you want to fix C or C++ : DNS lookup usage for an authentication in your application?

See also

C or C++ : Dead store

C or C++ : Use after free

C or C++ : va_list uninitialized