Problem Description:
When used as a stub resolver over UDP, ldns failed to verify
that a received response belonged to the outstanding query. It did
not check that the response source address and port matched the
query destination, that the transaction ID matched, or that the
question section of the response matched that of the query.
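
The three checks listed above, written out as an added example (this is not ldns code). The function and helper names are hypothetical, addresses are assumed to be IPv4, and the query is assumed to carry exactly one question.

```c
#include <stddef.h>
#include <stdint.h>
#include <netinet/in.h>

#define DNS_HDR_LEN 12

/* Length of the single question (QNAME + QTYPE + QCLASS), or 0 if malformed.
 * Compression pointers are rejected: the question is the first name in the
 * message, so there is nothing earlier for it to point to. */
static size_t question_len(const uint8_t *msg, size_t len)
{
    size_t off = DNS_HDR_LEN;
    if (len < DNS_HDR_LEN || msg[4] != 0 || msg[5] != 1)  /* QDCOUNT == 1 */
        return 0;
    while (off < len && msg[off] != 0) {
        if (msg[off] > 63)
            return 0;
        off += (size_t)msg[off] + 1;
    }
    if (off + 5 > len)          /* root label + QTYPE + QCLASS must fit */
        return 0;
    return off + 5 - DNS_HDR_LEN;
}

static uint8_t ascii_lower(uint8_t c)
{
    return (c >= 'A' && c <= 'Z') ? (uint8_t)(c | 0x20) : c;
}

/* Returns 1 only if datagram r, received from `from`, answers query q that
 * was sent to `sent_to`. 0 means discard the datagram and keep waiting. */
int response_matches_query(const struct sockaddr_in *sent_to,
                           const struct sockaddr_in *from,
                           const uint8_t *q, size_t qlen,
                           const uint8_t *r, size_t rlen)
{
    size_t qq = question_len(q, qlen), rq = question_len(r, rlen), i;

    if (qq == 0 || rq != qq)    /* both well-formed, same question size */
        return 0;
    /* 1. source address and port equal the query destination */
    if (from->sin_addr.s_addr != sent_to->sin_addr.s_addr ||
        from->sin_port != sent_to->sin_port)
        return 0;
    /* 2. QR bit set and transaction ID identical */
    if (!(r[2] & 0x80) || r[0] != q[0] || r[1] != q[1])
        return 0;
    /* 3. question identical; name bytes compare case-insensitively */
    for (i = 0; i < qq; i++) {
        uint8_t a = q[DNS_HDR_LEN + i], b = r[DNS_HDR_LEN + i];
        if (i < qq - 4 ? (ascii_lower(a) != ascii_lower(b)) : (a != b))
            return 0;
    }
    return 1;
}
```
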
Impact:
Without these checks, an off-path attacker who cannot observe
the query can forge UDP responses that ldns will accept as genuine.
By injecting spoofed replies, the attacker can return arbitrary DNS
data to any program that uses ldns for stub resolving, including
drill(1).