A remote user can cause a denial of service by preventing the remote backend from getting a response, content spoofing if the attacker can time its own query so that subsequent queries will use an attacker- controlled HTTP server instead of the configured one, and possibly information disclosure if the Authoritative Server has access to internal servers.