Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <Pine.LNX.4.64.0807082206400.27940@forced.attrition.org>
Date: Tue, 8 Jul 2008 22:09:23 +0000 (UTC)
From: security curmudgeon <jericho@...rition.org>
To: oss-security@...ts.openwall.com
Subject: Major DNS vulnerability announced  [CVE Question]


Since this is about to make VDB life complicated..

Microsoft has:
DNS Insufficient Socket Entropy Vulnerability - CVE-2008-1447
DNS Cache Poisoning Vulnerability - CVE-2008-1454

Cisco has:
CVE-2008-1447

Question: Is CVE going to keep those two identifiers for the fundamental 
issues, and load them up with affected vendors?

---------- Forwarded message ----------

http://www.kb.cert.org/vuls/id/800113

Vulnerability Note VU#800113
Multiple DNS implementations vulnerable to cache poisoning

Overview

Deficiencies in the DNS protocol and common DNS implementations facilitate 
DNS cache poisoning attacks.

I. Description

The Domain Name System (DNS) is responsible for translating host names to 
IP addresses (and vice versa) and is critical for the normal operation of 
internet-connected systems. DNS cache poisoning (sometimes referred to as 
cache pollution) is an attack technique that allows an attacker to 
introduce forged DNS information into the cache of a caching nameserver. 
DNS cache poisoning is not a new concept; in fact, there are published 
articles that describe a number of inherent deficiencies in the DNS 
protocol and defects in common DNS implementations that facilitate DNS 
cache poisoning. The following are examples of these deficiencies and 
defects:

< - >

II. Impact

An attacker with the ability to conduct a successful cache poisoning 
attack can cause a nameserver's clients to contact the incorrect, and 
possibly malicious, hosts for particular services. Consequently, web 
traffic, email, and other important network data can be redirected to 
systems under the attacker's control.

< - >

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.