1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Attack code published for DNS flaw

Discussion in 'News' started by wagnerk, Jul 24, 2008.

  1. wagnerk
    Highly Decorated Member Award

    wagnerk aka kitkatninja Moderator

    10,831
    357
    341

    Attack code published for DNS flaw



    The urgency to patch Dan Kaminsky’s DNS cache poisoning vulnerability just went up a few notches.

    Exploit code for the flaw, which allows the insertion of malicious DNS records into the cache of the target nameserver, has been added to Metasploit, a freely distributed attack/pen-testing tool.

    According to Metasploit creator HD Moore (left), who teamed up with researcher |)ruid to create the exploit, a DNS service has also been created to assist with the exploit.

    The code takes aim at known deficiencies in the DNS protocol and common DNS implementations that aid in serious cache poisoning attacks.

    To read the whole story, see here.

    -ken
     
    Certifications: CITP, PGCert, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: PGDip
porta2_tags:

Comments

    Share This Page