HP Security Bulletin HPSBOV03226 2 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. NOTE: These vulnerabilities impact OpenVMS TCP/IP BIND servers only. No update is required for BIND clients. Revision 2 of this advisory.
4935d3f1fb7ea8e8542d5095cd4cb2b982b905b4752fdda66d72da48b1f6e88dHP Security Bulletin HPSBOV03226 1 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.
1857a5c488eb234718c79babaf33fe34e2dcf8b047d172d2c3860ec769591b8eGentoo Linux Security Advisory 201209-25 - Multiple vulnerabilities have been found in VMware Player, Server, and Workstation, allowing remote and local attackers to conduct several attacks, including privilege escalation, remote execution of arbitrary code, and a Denial of Service.
69658d66093686eada54ad82e7c69c212f082445ebab3cf082f1e1fbc3b98de1HP Security Bulletin HPSBUX02351 SSRT080058 6 - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning. Revision 6 of this advisory.
6e8f4adb26ce8cc79500fd1bf1929d520aa0fc5884ea250e266b7016d1893279HP Security Bulletin HPSBUX02351 SSRT080058 5 - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning. Revision 5 of this advisory.
4699e395061ada76f72cf4ea0e76f16a74d8101b77651e89555f9f8b5e2c7183HP Security Bulletin - A potential security vulnerability has been identified with MPE/iX running BIND/iX. The vulnerability could be exploited remotely to cause DNS cache poisoning.
4b695913dbebd08e3d6420017c28133a6cc828fb87dc15cf2af4e7a55255859cGentoo Linux Security Advisory GLSA 200901-03 - Two errors in pdnsd allow for Denial of Service and cache poisoning. Versions less than 1.2.7 are affected.
4b5ce9962aef3dfe259bf205679bc9936d66a6ddc9dacad36e520a30b4d74eceGentoo Linux Security Advisory GLSA 200812-17 - Multiple vulnerabilities have been discovered in Ruby that allow for attacks including arbitrary code execution and Denial of Service. Versions less than 1.8.6_p287-r1 are affected.
fc3d0e1000f9f9bfede1eca24d080fd7125be4acdc61e8d5f8e06afcd003ef16Debian Security Advisory 1619-2 - In DSA-1619-1, an update was announced for DNS response spoofing vulnerabilities in python-dns. The fix introduced a regression in the library breaking the resolution of UTF-8 encoded record names. An updated release is available which corrects this problem.
c623f997c80873561d709ccbf0c8493c98b7460582a70be464629608e1a44d40Gentoo Linux Security Advisory GLSA 200809-02 - Dan Kaminsky of IOActive reported that dnsmasq does not randomize UDP source ports when forwarding DNS queries to a recursing DNS server. Carlos Carvalho reported that dnsmasq in the 2.43 version does not properly handle clients sending inform or renewal queries for unknown DHCP leases, leading to a crash. Versions below 2.45 are affected.
ed1cca55454b5ba4e246627c0056fd8174c4cdebcacddb3a6fa5eae0bc89d4c0VMware Security Advisory - Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
cf33ed983d59f3fe21ba66fc27682e8a073a9ba1d0031e69d9302bd25acc6efdVarious OpenID Providers (OPs) have TLS server certificates that use weak keys as a result of the Debian predictable random number generator vulnerability.
4ddd04a36c9b48f9c80e6563aa1fa71fc5a92fd3361f08a3b4f6e658063a2112HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning.
1e18e380946647399739bc1f609d341509a2386f8bc8d397d6eeb4e945f25e94The DNS Multiple Race Exploiting Tool exploits an inherent bug in the implementation of DNS Cache. The result of this exploitation is cache poisoning/overwriting with new entries.
7a3c264805686bedf06f10fa7536403d679cf69f269b95cb8a11d4f3e1d026e6Debian Security Advisory 1623-1 - Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.
b6de58ca36bd325b55f6acf8f6ccfdd15238877d7d6c017c9213c7f22dd8e43eISR-evilgrade is a module framework that allows you to take advantage of poor upgrade implementations by injecting fake updates. This tool is especially useful for DNS cache poisoning attacks.
e76335e42f8a96170e521a354e344acbe972302a445d7803a8159c90337ad9c3Debian Security Advisory 1619-1 - Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Dan Kaminsky identified a practical vector of DNS response spoofing and cache poisoning, exploiting the limited entropy in a DNS transaction ID and lack of UDP source port randomization in many DNS implementations. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery.
ebe12a113c6df6c042ef47a1dba8bec4c568a74767c16910863035f96e4a9dbfDie Eier Von Satan is a quick and dirty rewrite of the old ADMnog00d code. This version exploits the DNS cache poisoning vulnerability and discovered by Dan Kaminsky. This proof of concept makes use of a MX RR to spread its poisonous payload, a A RR, but can easily be adapted for other flavors.
10620955e93ad4e6de3b0a1a937dfcfaa4e383b2965a6eb178c2bfd654baf6daDebian Security Advisory 1617-1 - In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as CVE-2008-1447). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard 'domain' port (53). The incompatibility affects both the 'targeted' and 'strict' policy packages supplied by this version of refpolicy. This update to the refpolicy packages grants the ability to bind to arbitrary UDP ports to named_t processes. When installed, the updated packages will attempt to update the bind policy module on systems where it had been previously loaded and where the previous version of refpolicy was 0.0.20061018-5 or below.
d9ed425b97874f61eb0207b3d26987e6036bffbbbbbedda8e4db2913f6def931BIND 9.x remote DNS cache poisoning flaw exploit using the vulnerability discovered by Dan Kaminsky.
9c124eae9c7840190937c485399fd6cca178e89694b4ae96027a1cf86a7a95e3This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious nameserver entry into the target nameserver which replaces the legitimate nameservers for the target domain. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache. This insertion completely replaces the original nameserver records for the target domain.
59998e85046f16a5c63dc45a0b65a8c3c0309d28215b39b9b32e8e980b05bf05This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache.
11e910b2fd7ce8685913d022a8c861ee68b58c8de15e6ff4788583be2137f4aaUbuntu Security Notice 627-1 - Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq. A remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.
cb404dc54429d950c1d1d7ecc6e18257623b69fed004179d6405f75cc94eea70HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning.
04a12ad68cf448c2556104b0254c882d3b5e62b64f5e4d9392f83fbd62125c1dHP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning.
a6698f6c2f130a53f26800f57edc750877a09fabe643a9f4c3d5bbdb9c4b0568
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed