Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-341: Multiple Cisco Products Vulnernable to DNS Cache Poisoning Attacks

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-341: Multiple Cisco Products Vulnernable to DNS Cache Poisoning Attacks
# 1  
Old 08-18-2008
S-341: Multiple Cisco Products Vulnernable to DNS Cache Poisoning Attacks
Multiple Cisco products are vulnerable to DNS cache poisoning attacks due to their use of insufficiently randomized DNS transaction IDs and UDP source ports in the DNS queries that they produce, which may allow an attacker to more easily forge DNS answers that can poison DNS caches. The risk is HIGH. Successful exploitation of the vulnerability described in this document may result in invalid hostname-to-IP address mappings in the cache of an affected DNS server. This may lead of this DNS server to contact with wrong provider of network services.


More...
# 2  
Old 08-18-2008
This issue is not Cisco specific. It actually globally affects the whole DNS hierarchy.
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Cybersecurity

Dns cache poisoning upgrade to bind9.5.0p2

Hi again guys, It seems this is a global thing affecting all the DNS bind versions prior to July 28 2008. I have my work cut out for me very soon, I see at least a handful of servers in my list that either need to patching or upgrading. How many of you guys are affected? Anybody successfully... (4 Replies)
Discussion started by: sparcguy
4 Replies

2. IP Networking

how can we spoof ethernet by ARP cache poisoning on unix through a program

how can we spoof ethernet by ARP cache poisoning on unix through a program... can anyone post the source code to achieve this... (1 Reply)
Discussion started by: ud4u
1 Replies
Login or Register to Ask a Question