ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches.
From the ISC Bind security page:
The DNS query id generation is vulnerable to cryptographic analysis which provides a 1 in 8 chance of guessing the next query id for 50% of the query ids. This can be used to perform cache poisoning by an attacker.
A remote attacker could predict DNS query IDs and respond with arbitrary answers, thus poisoning DNS caches.
Upgrade or Patch
This vulnerability was reported by ISC who credit Amit Klein from Trusteer.
This document was written by Ryan Giobbi.
|Date First Published:||2007-07-27|
|Date Last Updated:||2008-08-06 13:02 UTC|