[dns-operations] CERT VU#800113 Multiple DNS implementations vulnerable to cache poisoning
Duane Wessels
wessels at dns-oarc.net
Tue Jul 8 19:03:47 UTC 2008
http://www.kb.cert.org/vuls/id/800113
Recent additional research into [DNS defects and deficiencies]
and methods of combining them to conduct improved cache poisoning
attacks have yielded extremely effective exploitation techniques.
Caching DNS resolvers are primarily at risk--both those that are
open (a DNS resolver is open if it provides recursive name
resolution for clients outside of its administrative domain),
and those that are not. These caching resolvers are the most
common target for attackers; however, stub resolvers are also
at risk.
More information about the dns-operations
mailing list