Next Page >>
Cache Poisoning
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache
Poisoning Attacks
Advisory ID: cisco-sa-20080708-dns
http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml
3. *Vulnerability Description*
DNS spoofing and cache poisoning attacks have been known security
threats that result from design weaknesses of the DNS protocol since the
early 1990s as described by Christopher Schuba [1] and Paul Vixie [2].
In 1997 a practical implementation of a blind remote DNS cache poisoning
attack that relies solely on exploiting the predictability of the ID
field of DNS query packets was described by Arce and Kargieman [3]. This
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01283837
Version: 1
HPSBUX02289 SSRT071461 rev.1 - HP-UX Running BIND 8, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-11-19
Last Updated: 2007-11-19
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01527346
Version: 1
HPSBTU02358 SSRT080058 rev.1 - HP Tru64 UNIX running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-08-12
Last Updated: 2008-08-13
http://www.debian.org/security/ Florian Weimer
June 04, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind9
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-0097 CVE-2010-0290 CVE-2010-0382
Several cache-poisoning vulnerabilities have been discovered in BIND.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01174368
Version: 1
HPSBOV02261 SSRT071449 rev.1 - HP OpenVMS running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-09-19
Last Updated: 2007-09-19
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 5
HPSBUX02351 SSRT080058 rev.5 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2010-10-12
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01523520
Version: 1
HPSBOV02357 SSRT080058 rev.1 - HP OpenVMS TCP/IP Services running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-08-13
Last Updated: 2008-08-13
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01123426
Version: 3
HPSBUX02251 SSRT071449 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01
Last Updated: 2007-11-26
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 6
HPSBUX02351 SSRT080058 rev.6 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2010-12-15
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 1
HPSBUX02351 SSRT080058 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-07-16
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 4
HPSBUX02351 SSRT080058 rev.4 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-08-08
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01123426
Version: 2
HPSBUX02251 SSRT071449 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01
Last Updated: 2007-09-10
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 2
HPSBUX02351 SSRT080058 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-07-19
http://www.debian.org/security/ Martin Schulze
June 15th, 2010 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : bind9
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-0097 CVE-2010-0290 CVE-2010-0382
This update restores the PID file location for bind to the location
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01506861
Version: 3
HPSBUX02351 SSRT080058 rev.3 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-16
Last Updated: 2008-08-06
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01660723
Version: 1
HPSBMP02404 SSRT090014 rev.1 - MPE/iX Running BIND/iX, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2009-01-28
Last Updated: 2009-01-28
Update+Errata for "OpenBSD DNS Cache Poisoning and Multiple O/S
Predictable IP ID Vulnerability"
(http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf)
Update
******
OpenBSD
2) Vulnerability Description
Microsoft DNS server generates predictable DNS transaction IDs. If the
server is configured to allow recursive queries it is possible to insert
fake records in the DNS cache (DNS cache poisoning) by guessing the next
transaction ID that the server will use and sending a spoofed DNS reply
to the server. To observe the transaction IDs an attacker needs to
control a DNS server that is authoritative for some domain and to be
able to send a recursive queries to the caching Microsoft DNS server.
BIND 8 EOL and BIND 8 DNS Cache Poisoning
Note: this is a different attack from BIND 9 DNS cache poisoning.
I discovered a new weakness in BIND 8 DNS server which enables "DNS
Forgery Pharming". An attacker can remotely poison the cache of any
BIND 8 caching DNS server and force users who use this DNS server to
reach fraudulent websites each time they try to access real websites.
BIND 8 is still a very popular DNS server nowadays thus this attack
applies to a big part of Internet users.
The Microsoft Windows DNS stub resolver (the component in Windows
that queries the upstream DNS server for address resolutions on
behalf of most Windows programs, e.g. browsers) sends predictable
DNS queries with respect to DNS transaction ID and source UDP
port. This allows some interesting attacks on DNS clients (i.e.
desktops), including DNS cache poisoning of the client's local
DNS cache (which is maintained by the stub resolver).
Affected products: Windows Vista, Windows XP SP2, Windows 2003
and Windows 2000 SP4.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01123426
Version: 1
HPSBUX02251 SSRT071449 rev.1 - HP-UX Running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-01
Last Updated: 2007-08-01
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01154600
Version: 1
HPSBTU02256 SSRT071449 rev.1 - HP Tru64 UNIX or HP Tru64 Internet Express running BIND, Remote DNS Cache Poisoning
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-29
Last Updated: 2007-08-29
Newly emerging techniques of DNS cache poisoning have caused quite a
stir recently, prompting security researchers to speculate on the nature
of the issue, and naturally inducing press stunts by some individuals,
including "accidential" information leaks and hasty exploit releases.
Many other, more relaxed researchers, who had figured out the attack and
had coded working exploits within a few hours (which, by the way, was
incredibly easy to do, knowing that an undocumented attack actually
existed), decided to coordinate with Dan Kaminsky, who had organized a
huge multi-vendor security patch, and withhold information for the
proposed 30 days.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: PowerDNS Recursor: DNS Cache Poisoning
Date: April 18, 2008
Bugs: #215567
ID: 200804-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://www.debian.org/security/ Florian Weimer
July 08, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-1447
CERT advisory : VU#800113
http://www.debian.org/security/ Moritz Muehlenhoff
July 31, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : dnsmasq
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-1447
Dan Kaminsky discovered that properties inherent to the DNS protocol
After 6 months - fix available for Microsoft DNS cache poisoning
attack
On April this year I discovered a new vulnerability that enables
DNS cache poisoning attack against the Windows DNS server. Today
(November 13th, 2007) - six and a half months after being informed
- Microsoft released a fix for this vulnerability. As the fix is
now publicly available, I can finally share my research finding
with you.
Evilgrade needs the manipulation of the victim dns traffic.
Attack vectors:
---------------------
Internal scenary: (Internal DNS access,ARP spoofing,DNS Cache Poisoning, DHCP spoofing)
External scenary: (Internal DNS access,DNS Cache Poisoning)
* What are the supported OS?
The framework is multiplaform, it only depends of having the right payload for the target platform to be exploited.
http://www.debian.org/security/ Florian Weimer
July 08, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : bind9
Vulnerability : DNS cache poisoning
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-1447
CERT advisory : VU#800113
Next Page>>
|
