0 Replies Latest reply on Jul 29, 2008 9:45 AM by HarryWaldron

    DNS Cache Poisoning Exploits - Now in-the-wild

      DNS Cache Poisoning Exploits - Now in-the-wild

      Below are the first confirmed reports that new DNS exploits are now being exploited in-the-wild. There are dangers associated with unpatched or misconfigured DNS servers.

      DNS cache poisoning attacks exploited in the wild
      http://blogs.zdnet.com/security/?p=1590

      QUOTE: Numerous independent sources are starting to see evidence of DNS cache poisoning attempts on their local networks, in what appears to be an attempt to take advantage of the “recent” DNS cache poisoning vulnerability :

      Surprised? I’m not, since this was pretty logical given that the three publicly available exploits have been downloaded over 15,000 times in the last couple of days. What I’m actually surprised of is that it took so long to produce a working exploit, and the despite the media outbreak raising awareness on the potential for abuse, major international and local ISPs remain vulnerable. Ironically, remain vulnerable just like they’ve always been even though patches for a particular vulnerability were available. Insecure and misconfigured DNS servers were, and continue to be a realistic threat even in a Web 2.0 world.

      More on the risks associated with these new DNS exploits can be found here:

      http://msmvps.com/blogs/harrywaldron/archive/2008/07/26/avert-labs-excellent-dia grams-on-new-dns-dangers.aspx

      http://msmvps.com/blogs/harrywaldron/archive/2008/07/24/new-dsn-exploits-are-bei ng-developed-patch-your-servers-now.aspx