Sign In

Communications of the ACM

ACM TechNews

DNSpooq Lets Attackers Poison DNS Cache Records


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A DNSpooq logo.

Security experts have disclosed details of seven vulnerabilities impacting a popular DNS software package that is commonly deployed in networking equipment, such as routers and access points.

Credit: JSOF

Researchers in Israeli boutique cybersecurity consultancy JSOF have disclosed seven vulnerabilities that affect Dnsmasq, a domain name system (DNS) forwarding client for *NIX-based operating systems.

The vulnerabilities involve DNSpooq software in millions of devices sold worldwide, including networking gear like routers, access points, firewalls, and VPNs from numerous companies.

The researchers say the vulnerabilities could be combined to poison DNS cache entries recorded by Dnsmasq servers, allowing attackers to redirect users to clones of legitimate websites.

Four of the vulnerabilities are buffer overflows in the Dnsmasq code that could result in remote code execution scenarios, and the remainder enable DNS cache poisoning.

The researchers advise users to apply security updates released by the Dnsmasq project.



From ZDNet
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found