 |
|
|
|
Подмена DNS-записей во многих клиентах и серверах DNS
дополнено с 12 июля 2008 г. | | Опубликовано: |  | 29 июля 2008 г. | | Источник: |  | BUGTRAQ | | SecurityVulns ID: |  | 9142 | | Тип: |  | клиент | | Опасность: |  | 6/10 | | Описание: |  | Атака DNS poisoning может быть использована для подмены результатов разрешения запросы. |
| Затронутые продукты: |  | CISCO : IOS 12.2 | | | | CISCO : IOS 12.3 | | | | BIND : bind 9.3 | | | | CISCO : IOS 12.4 | | | | PDNS : pdns-recursor 3.1 | | | | PYTHON : python-dns 2.3 | | CVE: |  | CVE-2008-1637 (PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate (1) TRXID values and (2) UDP source port numbers, which makes it easier for remote attackers to poison a DNS cache, related to (a) algorithmic deficiencies in rand and random functions in external libraries, (b) use of a 32-bit seed value, and (c) choice of the time of day as the sole seeding information.) | | | | CVE-2008-1447 (The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.") |
|
|
|
|
|
|
|
|
