| Thread Tools |
19th November 2021, 09:32 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 153,575
| Vulnerability hits DNS servers Send victims to spoofed addresses More than 38 percent of the Internet's domain name lookup servers are vulnerable to a new attack that allows hackers to send victims to maliciously spoofed addresses masquerading as legitimate domains, like bankofamerica.com or gmail.com. The exploit, unveiled in research presented today, revives the DNS cache-poisoning attack that researcher Dan Kaminsky disclosed in 2008. He showed that, by masquerading as an authoritative DNS server and using it to flood a DNS resolver with fake lookup results for a trusted domain, an attacker could poison the resolver cache with the spoofed IP address. From then on, anyone relying on the same resolver would be diverted to the same imposter site. The sleight of hand worked because DNS at the time relied on a transaction ID to prove the IP number returned came from an authoritative server rather than an imposter server attempting to send people to a malicious site. The transaction number had only 16 bits, which meant that there were only 65,536 transaction IDs. Kaminsky realized that hackers could exploit the lack of entropy by bombarding a DNS resolver with off-path responses that included each possible ID. Once the resolver received a response with the correct ID, the server would accept the malicious IP and store the result in cache so that everyone else using the same resolver -- which typically belongs to a corporation, organisation, or ISP -- would also be sent to the same malicious server. https://fudzilla.com/news/53901-vuln...ts-dns-servers |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Chrome-based browsers have vulnerability | Stefan Mileschin | WebNews | 0 | 15th April 2021 10:31 |
A Firefox update fixes yet another zero-day vulnerability | Stefan Mileschin | WebNews | 0 | 24th June 2019 10:34 |
MS Issues Zero Day Vulnerability Patch for IE 9 and 10 | Stefan Mileschin | WebNews | 0 | 24th February 2014 10:33 |
OS X Vulnerability Allows Superuser Access To Hackers | Stefan Mileschin | WebNews | 0 | 30th August 2013 08:10 |
Attack Code Published For DNS Vulnerability | jmke | WebNews | 0 | 24th July 2008 10:00 |
Mozilla Firefox 3.0 Vulnerability | jmke | WebNews | 0 | 19th June 2008 09:51 |
New Zero-Day Vulnerability In Windows | jmke | WebNews | 0 | 6th November 2006 12:39 |
IE7 vulnerability discovered already | jmke | WebNews | 1 | 20th October 2006 15:14 |
ATi RD600 hits 520MHz FSB, NVIDIA C55 hits 510MHz | jmke | WebNews | 0 | 2nd October 2006 21:12 |
Symantec Posts Fix To Vulnerability | jmke | WebNews | 0 | 29th May 2006 10:42 |
Thread Tools | |
| |