Your security, networking, programming, and application news source.

Wednesday, July 9, 2008

DNS Design Flaw Allows Spoofing


(July 8, 2008) The United States Computer Emergency Readiness Team (US-CERT) issued vulnerability notice #800113 regarding a DNS cache poisoning issue.

"It is a fundamental issue affecting the design. Because the system is behaving exactly like it is supposed to behave, the same bug will show up in vendor after vendor after vendor," says Dan Kaminsky, director of penetration testing at the security firm IOActive. Kaminsky found this flaw more than six months ago while doing non-security-related research on the DNS system.

A number of software vendors released patches on Tuesday, July 8th. Microsoft released a patch (July 8, 2008), that being its scheduled update day, and a patch was also released (July 8, 2008) for the Berkeley Internet Name Domain (BIND) server. The Security Focus article (July 8, 2008) claims both Cisco and Juniper also acknowledged flawed systems (but haven't released patches).
