Major DNS vulnerability discovered

Dan Kaminsky recently discovered a vulnerability in the DNS protocol that could lead to DNS cache poisoning attacks. When a DNS lookup is made, the DNS server returns a random query ID between 1 and 65,000. What Dan found is that the query IDs being generated by a lot of DNS servers were not all that random, allowing someone to potentially poison a DNS cache by anticipating the query ID. You can read more about this issue here. The Ubuntu security report is here. I would strongly recommend that you upgrade your DNS servers ASAP if you haven't already.
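The post's point is that the query (transaction) ID is the resolver's main guard against a forged answer, so it is worth checking what a resolver actually emits. Below is an added audit helper, not code from the post, that extracts the 16-bit transaction ID from captured DNS queries and flags two weak patterns: IDs that increment like a counter, and IDs confined to a small range (some bits never change). The packets, the sample ID sequences and the thresholds are constructed here for illustration.

```python
import random
import struct

def build_query(txid: int, qname: str = "example.com") -> bytes:
    """Build a minimal DNS query (constructed sample packet, not a real capture):
    12-byte header with RD set and QDCOUNT=1, then QNAME labels, QTYPE=A, QCLASS=IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode() for p in qname.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)

def txid_of(packet: bytes) -> int:
    """The transaction ID is the first big-endian 16-bit field of the DNS header."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    return struct.unpack("!H", packet[:2])[0]

def assess_txids(ids, min_samples=64):
    """Heuristic predictability check over a sequence of observed transaction IDs.
    sequential_ratio: share of consecutive IDs that differ by exactly 1 (a counter).
    stuck_bits: bit positions that are almost always 0 or 1 (IDs drawn from a small range).
    Either finding means the ID can be guessed far faster than 1 in 65536 tries."""
    if len(ids) < min_samples:
        raise ValueError(f"need at least {min_samples} samples")
    n = len(ids)
    steps = sum(1 for a, b in zip(ids, ids[1:]) if (b - a) % 65536 == 1)
    sequential_ratio = steps / (n - 1)
    stuck_bits = []
    for bit in range(16):
        ones = sum((i >> bit) & 1 for i in ids) / n
        if ones < 0.2 or ones > 0.8:   # constructed threshold; a fair bit sits near 0.5
            stuck_bits.append(bit)
    return {"sequential_ratio": sequential_ratio, "stuck_bits": stuck_bits,
            "predictable": sequential_ratio > 0.5 or bool(stuck_bits)}

def assess_packets(packets):
    """Convenience wrapper: run the check over raw query packets (e.g. from a pcap)."""
    return assess_txids([txid_of(p) for p in packets])

# Constructed samples: a counter-based resolver, one limited to IDs 1..1000,
# and one drawing from the full 16-bit space (seeded so the run is repeatable).
COUNTER_IDS = [(1000 + k) & 0xFFFF for k in range(256)]
_rng = random.Random(7)
SMALL_RANGE_IDS = [_rng.randrange(1, 1001) for _ in range(256)]
RANDOM_IDS = [_rng.randrange(65536) for _ in range(256)]

if __name__ == "__main__":
    for name, ids in (("counter", COUNTER_IDS), ("small-range", SMALL_RANGE_IDS), ("random", RANDOM_IDS)):
        print(name, assess_packets([build_query(i) for i in ids]))
```

Real captures would come from a packet sniffer on the resolver's upstream interface; the same check applies to the UDP source port, which is the other value a forged reply has to match.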
