DNS cache poisoning attacks return due to Linux weakness

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,108
Content source
https://www.bleepingcomputer.com/news/security/dns-cache-poisoning-attacks-return-due-to-linux-weakness/
Researchers from Tsinghua University and the University of California have identified a new method that can be used to conduct DNS cache poisoning attacks.
The new discovery revives a 2008 bug that had once been thought to have resolved for good. [...]
Click to expand...
Update 13-Nov-2020: Added, this vulnerability is being tracked as CVE-2020-25705. Added solutions proposed by the researchers.
Additionally, according to the researchers, the vulnerability also impacts other operating systems shown below for which a patch has not yet been issued.
"In addition to Linux, we have verified that other major OS kernels are vulnerable as well, albeit with lower global rate limit — 200 in Windows and FreeBSD, and 250 in MacOS," state the researchers in their paper.
Click to expand...
www.bleepingcomputer.com

DNS cache poisoning attacks return due to Linux weakness

Researchers from Tsinghua University and the University of California have identified a new method that can be used to conduct DNS cache poisoning attacks. The findings reopen a vulnerability that had been discovered by Kaminsky in 2008 and thought to have been resolved.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
Reactions: Vasudev, SeriousHoax, bayasdev and 10 others
V

Vasudev

Level 33
Verified
Nov 8, 2014
2,247
silversurfer said:
www.bleepingcomputer.com

DNS cache poisoning attacks return due to Linux weakness

Researchers from Tsinghua University and the University of California have identified a new method that can be used to conduct DNS cache poisoning attacks. The findings reopen a vulnerability that had been discovered by Kaminsky in 2008 and thought to have been resolved.
www.bleepingcomputer.com www.bleepingcomputer.com
Click to expand...
Last week I noticed my linux DNS performance was weak. Had to clear all the current entries and restarting the service couple of times resolved it.
Didn't know DNS vulnerability was present. Usually I read the changelogs to updates in synaptic. systemd-resolve was the component I was taking which is present in Ubuntu distros.
 
  • Like
Reactions: silversurfer and shmu26
You must log in or register to reply here.

Similar threads

[correlate]
    • Like
    • Wow
MaginotDNS attacks exploit weak checks for DNS cache poisoning
Replies
0
Views
1,200
News Archive
[correlate]
[correlate]
Gandalf_The_Grey
    • Like
    • +Reputation
Security News Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass
Replies
2
Views
1,672
Security News
SeriousHoax
SeriousHoax
Gandalf_The_Grey
    • Like
    • +Reputation
Security News New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems
Replies
3
Views
4,293
Security News
Brahman
Brahman

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top