It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Vulnerability hits DNS servers Vulnerability hits DNS servers
FAQ Members List Calendar Search Today's Posts Mark Forums Read


Vulnerability hits DNS servers
Reply
 
Thread Tools
Old 19th November 2021, 09:32   #1
[M] Reviewer
 
Stefan Mileschin's Avatar
 
Join Date: May 2010
Location: Romania
Posts: 153,575
Stefan Mileschin Freshly Registered
Default Vulnerability hits DNS servers

Send victims to spoofed addresses

More than 38 percent of the Internet's domain name lookup servers are vulnerable to a new attack that allows hackers to send victims to maliciously spoofed addresses masquerading as legitimate domains, like bankofamerica.com or gmail.com.

The exploit, unveiled in research presented today, revives the DNS cache-poisoning attack that researcher Dan Kaminsky disclosed in 2008. He showed that, by masquerading as an authoritative DNS server and using it to flood a DNS resolver with fake lookup results for a trusted domain, an attacker could poison the resolver cache with the spoofed IP address. From then on, anyone relying on the same resolver would be diverted to the same imposter site.

The sleight of hand worked because DNS at the time relied on a transaction ID to prove the IP number returned came from an authoritative server rather than an imposter server attempting to send people to a malicious site.

The transaction number had only 16 bits, which meant that there were only 65,536 transaction IDs. Kaminsky realized that hackers could exploit the lack of entropy by bombarding a DNS resolver with off-path responses that included each possible ID.

Once the resolver received a response with the correct ID, the server would accept the malicious IP and store the result in cache so that everyone else using the same resolver -- which typically belongs to a corporation, organisation, or ISP -- would also be sent to the same malicious server.

https://fudzilla.com/news/53901-vuln...ts-dns-servers
Stefan Mileschin is online now   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Chrome-based browsers have vulnerability Stefan Mileschin WebNews 0 15th April 2021 10:31
A Firefox update fixes yet another zero-day vulnerability Stefan Mileschin WebNews 0 24th June 2019 10:34
MS Issues Zero Day Vulnerability Patch for IE 9 and 10 Stefan Mileschin WebNews 0 24th February 2014 10:33
OS X Vulnerability Allows Superuser Access To Hackers Stefan Mileschin WebNews 0 30th August 2013 08:10
Attack Code Published For DNS Vulnerability jmke WebNews 0 24th July 2008 10:00
Mozilla Firefox 3.0 Vulnerability jmke WebNews 0 19th June 2008 09:51
New Zero-Day Vulnerability In Windows jmke WebNews 0 6th November 2006 12:39
IE7 vulnerability discovered already jmke WebNews 1 20th October 2006 15:14
ATi RD600 hits 520MHz FSB, NVIDIA C55 hits 510MHz jmke WebNews 0 2nd October 2006 21:12
Symantec Posts Fix To Vulnerability jmke WebNews 0 29th May 2006 10:42

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT +1. The time now is 08:54.


Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
SEO by vBSEO