Hosting generously provided by
|
|
Widescale DNS flaw discovered
|
Posted 7/8/08 by Robert from the 'UDP 4 lyfe' department
A pretty nasty DNS vulnerability has been discovered in 81 products by Dan Kaminsky. This vulnerability type
seems to be the same described by Amit Klein and involves abusing the PRNG involved in transactions on DNS queries. Long story short
if you run a vulnerable caching DNS server you can have your cache poisoned. From CERT
"The DNS protocol specification includes a transaction ID field of 16 bits. If the specification is correctly implemented and the transaction ID is randomly selected with a strong random number generator, an attacker will require, on average, 32,768 attempts to successfully predict the ID. Some flawed implementations may use a smaller number of bits for this transaction ID, meaning that fewer attempts will be needed. Furthermore, there are known errors with the randomness of transaction IDs that are generated by a number of implementations. Amit Klein researched several affected implementations in 2007."
Dshield has a .
Article Link:
CERT Advisory with list of affected vendors:
Link to this Story:
Link:
News RSS Feed: Web
|
|
|
Information contained on this website may not be copied without explicit permission.
Best Viewed with Netscape.
|
|
|
Subscribe to CGISecurity.com
|
|

|
|
|
|
The Web Security Mailing List
|
|
|
|
|
Contact us
|
Post News, get linkage!
|
|
|

|