DNS Cache Poisoning Exploits - Now in-the-wild

Posted Tuesday, July 29, 2008 3:16 PM by hwaldron

Below are the first confirmed reports that new DNS exploits are now being exploited in-the-wild. There are dangers associated with unpatched or misconfigured DNS servers.
 
 DNS cache poisoning attacks exploited in the wild
 http://blogs.zdnet.com/security/?p=1590
 
 QUOTE: Numerous independent sources are starting to see evidence of DNS cache poisoning attempts on their local networks, in what appears to be an attempt to take advantage of the “recent” DNS cache poisoning vulnerability :
 
 Surprised? I’m not, since this was pretty logical given that the three publicly available exploits have been downloaded over 15,000 times in the last couple of days. What I’m actually surprised of is that it took so long to produce a working exploit, and the despite the media outbreak raising awareness on the potential for abuse, major international and local ISPs remain vulnerable. Ironically, remain vulnerable just like they’ve always been even though patches for a particular vulnerability were available. Insecure and misconfigured DNS servers were, and continue to be a realistic threat even in a Web 2.0 world.
 
 More on the risks associated with these new DNS exploits can be found here:
 
 http://msmvps.com/blogs/harrywaldron/archive/2008/07/26/avert-labs-excellent-diagrams-on-new-dns-dangers.aspx
 
 http://msmvps.com/blogs/harrywaldron/archive/2008/07/24/new-dsn-exploits-are-being-developed-patch-your-servers-now.aspx

Comments

No Comments