[<prev] [next>] [thread-next>] [month] [year] [list]
Date: Tue, 8 Jul 2008 22:09:23 +0000 (UTC)
From: security curmudgeon <jericho@...rition.org>
To: oss-security@...ts.openwall.com
Subject: Major DNS vulnerability announced [CVE Question]
Since this is about to make VDB life complicated..
Microsoft has:
DNS Insufficient Socket Entropy Vulnerability - CVE-2008-1447
DNS Cache Poisoning Vulnerability - CVE-2008-1454
Cisco has:
CVE-2008-1447
Question: Is CVE going to keep those two identifiers for the fundamental
issues, and load them up with affected vendors?
---------- Forwarded message ----------
http://www.kb.cert.org/vuls/id/800113
Vulnerability Note VU#800113
Multiple DNS implementations vulnerable to cache poisoning
Overview
Deficiencies in the DNS protocol and common DNS implementations facilitate
DNS cache poisoning attacks.
I. Description
The Domain Name System (DNS) is responsible for translating host names to
IP addresses (and vice versa) and is critical for the normal operation of
internet-connected systems. DNS cache poisoning (sometimes referred to as
cache pollution) is an attack technique that allows an attacker to
introduce forged DNS information into the cache of a caching nameserver.
DNS cache poisoning is not a new concept; in fact, there are published
articles that describe a number of inherent deficiencies in the DNS
protocol and defects in common DNS implementations that facilitate DNS
cache poisoning. The following are examples of these deficiencies and
defects:
< - >
II. Impact
An attacker with the ability to conduct a successful cache poisoning
attack can cause a nameserver's clients to contact the incorrect, and
possibly malicious, hosts for particular services. Consequently, web
traffic, email, and other important network data can be redirected to
systems under the attacker's control.
< - >
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ