US-CERT: DNS Cache Poisoning Public Exploit Code Available
US-CERT is aware of publicly available exploit code for a cache poisoning vulnerability in common DNS implementations. Exploitation of this vulnerability may allow an attacker to cause a nameserver's clients to contact the incorrect, and possibly malicious hosts for particular services. As a result, web traffic, email and other important network data could be redirected to systems under the attacker's control.More here.
US-CERT strongly urges administrators to patch affected systems immediately. Please review the following US-CERT documents for further details:
- Current Activity - DNS Implementations Vulnerable to Cache Poisoning
- Current Activity - NAT/PAT Affects DNS Cache Poisoning Mitigation
- Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning
- Technical Cyber Security Alert TA08-190B - Multiple DNS implementations vulnerable to cache poisoning
US-CERT will provide additional information as it becomes available.
posted by Fergie @ 7/24/2008 01:24:00 PM
0 Comments:
Post a Comment
<< Home