[Infowarrior] - Major DNS vulnerability announced
Richard Forno
rforno at infowarrior.org
Tue Jul 8 20:51:42 UTC 2008
http://www.kb.cert.org/vuls/id/800113
Vulnerability Note VU#800113
Multiple DNS implementations vulnerable to cache poisoning
Overview
Deficiencies in the DNS protocol and common DNS implementations
facilitate DNS cache poisoning attacks.
I. Description
The Domain Name System (DNS) is responsible for translating host names
to IP addresses (and vice versa) and is critical for the normal
operation of internet-connected systems. DNS cache poisoning
(sometimes referred to as cache pollution) is an attack technique that
allows an attacker to introduce forged DNS information into the cache
of a caching nameserver. DNS cache poisoning is not a new concept; in
fact, there are published articles that describe a number of inherent
deficiencies in the DNS protocol and defects in common DNS
implementations that facilitate DNS cache poisoning. The following are
examples of these deficiencies and defects:
< - >
II. Impact
An attacker with the ability to conduct a successful cache poisoning
attack can cause a nameserver's clients to contact the incorrect, and
possibly malicious, hosts for particular services. Consequently, web
traffic, email, and other important network data can be redirected to
systems under the attacker's control.
< - >
http://www.kb.cert.org/vuls/id/800113
More information about the Infowarrior
mailing list