Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Trend Micro: Major DNS Cache-Poisoning Vulnerability, Patch Now

July 2008 by Trend Micro

While this is completely unrelated to any particular malware, there
is a rather disconcerting DNS cache-poisoning vulnerability that has
surfaced which deserves the attention of any and every organization
on the planet which operates their own DNS servers.

The importance of determining if you are vulnerable, and getting the
vulnerability fixed quickly, is becoming more important as each days
passes. This is due not only to the criticality of the vulnerability,
but also due to some of the “colorful” background in how some of the
details have become available surrounding the vulnerability itself.

First, US-CERT published an advisory on this vulnerability on 8 July
2008, and they have a detailed reference of vendor products which are
affected on their advisory page. Please visit their advisory page to
determine if your DNS infrastructure is at risk.

As the US-CERT advisory states, the heart of this issue is that DNS
caching nameservers can be poisoned by an “…attack technique that
allows an attacker to introduce forged DNS information into the cache
of a caching nameserver.”

This is a very serious situation, and can possibly lead to widespread
and targeted attacks which hijack sensitive information by
redirecting legitimate traffic to fraudulent websites, due to
incorrect (fraudulent) information being injected into the vulnerable
caching nameserver(s).

Secondly, while the details of this vulnerability were originally
discovered by Dan Kaminsky, and were originally to be revealed at the
upcoming Black Hat conference in Las Vegas next month, some details
regarding the vulnerability have been “leaked” to the public, which
increases the importance of quickly patching any vulnerability in
deployed DNS servers.

There are also some publicly available tools to to determine if your
DNS servers are affected.

This vulnerability is quite serious, so please - PATCH NOW.

http://blog.trendmicro.com/major-dns-cache-poisoning-vulnerability-
patch-now/


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts