HP Security Bulletin HPSBOV03226 2 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. NOTE: These vulnerabilities impact OpenVMS TCP/IP BIND servers only. No update is required for BIND clients. Revision 2 of this advisory.
030d30c3b6c8106e6b18648558b2d49a
HP Security Bulletin HPSBOV03226 1 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.
1523c4c2a9580da5389596bf886bf6bd
Gentoo Linux Security Advisory 201209-25 - Multiple vulnerabilities have been found in VMware Player, Server, and Workstation, allowing remote and local attackers to conduct several attacks, including privilege escalation, remote execution of arbitrary code, and a Denial of Service.
51bbb06deb17fab0f37713179ca258d1
HP Security Bulletin HPSBUX02351 SSRT080058 6 - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning. Revision 6 of this advisory.
9a82a427bb1ddcf83d2fa81b9b4d9a13
HP Security Bulletin HPSBUX02351 SSRT080058 5 - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning. Revision 5 of this advisory.
152518f73f7dcebd8293b9df255e52ab
HP Security Bulletin - A potential security vulnerability has been identified with MPE/iX running BIND/iX. The vulnerability could be exploited remotely to cause DNS cache poisoning.
eba769362113beb0faaeb79db5f5c5b0
Gentoo Linux Security Advisory GLSA 200901-03 - Two errors in pdnsd allow for Denial of Service and cache poisoning. Versions less than 1.2.7 are affected.
4027f4a7754fdce31781236a1611da03
Gentoo Linux Security Advisory GLSA 200812-17 - Multiple vulnerabilities have been discovered in Ruby that allow for attacks including arbitrary code execution and Denial of Service. Versions less than 1.8.6_p287-r1 are affected.
49aa464a394dd574a8df3c8b37d3e207
Debian Security Advisory 1619-2 - In DSA-1619-1, an update was announced for DNS response spoofing vulnerabilities in python-dns. The fix introduced a regression in the library breaking the resolution of UTF-8 encoded record names. An updated release is available which corrects this problem.
435277758d000a9759e596396f568478
Gentoo Linux Security Advisory GLSA 200809-02 - Dan Kaminsky of IOActive reported that dnsmasq does not randomize UDP source ports when forwarding DNS queries to a recursing DNS server. Carlos Carvalho reported that dnsmasq in the 2.43 version does not properly handle clients sending inform or renewal queries for unknown DHCP leases, leading to a crash. Versions below 2.45 are affected.
f200ed750ca69f71f7f2846f6ee4b218
VMware Security Advisory - Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
66543adde34c36baff73bda1674cfb79
Various OpenID Providers (OPs) have TLS server certificates that use weak keys as a result of the Debian predictable random number generator vulnerability.
8b0ee625e1bc684a8e77110b9b791821
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning.
79606329d0ec4f18b2ee224e4dbf5aad
The DNS Multiple Race Exploiting Tool exploits an inherent bug in the implementation of DNS Cache. The result of this exploitation is cache poisoning/overwriting with new entries.
a080cf0d3d5faa5bc1351c55d9f43415
Debian Security Advisory 1623-1 - Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.
6c21c0b2905b253f6123daa1f6688d8d
ISR-evilgrade is a module framework that allows you to take advantage of poor upgrade implementations by injecting fake updates. This tool is especially useful for DNS cache poisoning attacks.
36fc948a89b03821cc8ed32fd9e4e59a
Debian Security Advisory 1619-1 - Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Dan Kaminsky identified a practical vector of DNS response spoofing and cache poisoning, exploiting the limited entropy in a DNS transaction ID and lack of UDP source port randomization in many DNS implementations. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery.
bc5cc0626a47ff39888e21678e8ff28c
Die Eier Von Satan is a quick and dirty rewrite of the old ADMnog00d code. This version exploits the DNS cache poisoning vulnerability and discovered by Dan Kaminsky. This proof of concept makes use of a MX RR to spread its poisonous payload, a A RR, but can easily be adapted for other flavors.
ae03b792adbe77bfad46d54fc181d7fc
Debian Security Advisory 1617-1 - In DSA-1603-1, Debian released an update to the BIND 9 domain name server, which introduced UDP source port randomization to mitigate the threat of DNS cache poisoning attacks (identified by the Common Vulnerabilities and Exposures project as CVE-2008-1447). The fix, while correct, was incompatible with the version of SELinux Reference Policy shipped with Debian Etch, which did not permit a process running in the named_t domain to bind sockets to UDP ports other than the standard 'domain' port (53). The incompatibility affects both the 'targeted' and 'strict' policy packages supplied by this version of refpolicy. This update to the refpolicy packages grants the ability to bind to arbitrary UDP ports to named_t processes. When installed, the updated packages will attempt to update the bind policy module on systems where it had been previously loaded and where the previous version of refpolicy was 0.0.20061018-5 or below.
1f7434c7ae5c8345c7101b841bffb229
BIND 9.x remote DNS cache poisoning flaw exploit using the vulnerability discovered by Dan Kaminsky.
738b0078ac8624dd2e7118cdec35a81b
This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious nameserver entry into the target nameserver which replaces the legitimate nameservers for the target domain. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache. This insertion completely replaces the original nameserver records for the target domain.
5882e859718d26d63b3bc1167eacb0fd
This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache.
4def3738d35dc00d760fa023d0106a29
Ubuntu Security Notice 627-1 - Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq. A remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.
0b11fe1d320f9ebc0ce03f99670eab53
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning.
9d73d9bba705842147d23e9b517a640d
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning.
81ca5324ef291a1e31b9850373d3dca6