[dns-operations] CERT VU#800113 Multiple DNS implementations vulnerable to cache poisoning

Duane Wessels wessels at dns-oarc.net
Tue Jul 8 19:03:47 UTC 2008


    Recent additional research into [DNS defects and deficiencies]
    and methods of combining them to conduct improved cache poisoning
    attacks have yielded extremely effective exploitation techniques.
    Caching DNS resolvers are primarily at risk--both those that are
    open (a DNS resolver is open if it provides recursive name
    resolution for clients outside of its administrative domain),
    and those that are not. These caching resolvers are the most
    common target for attackers; however, stub resolvers are also
    at risk.

More information about the dns-operations mailing list