Home → News → DNSpooq Lets Attackers Poison DNS Cache Records → Full Text

DNSpooq Lets Attackers Poison DNS Cache Records

By ZDNet

January 25, 2021

[article image]

Researchers in Israeli boutique cybersecurity consultancy JSOF have disclosed seven vulnerabilities that affect Dnsmasq, a domain name system (DNS) forwarding client for *NIX-based operating systems.

The vulnerabilities involve DNSpooq software in millions of devices sold worldwide, including networking gear like routers, access points, firewalls, and VPNs from numerous companies.

The researchers say the vulnerabilities could be combined to poison DNS cache entries recorded by Dnsmasq servers, allowing attackers to redirect users to clones of legitimate websites.

Four of the vulnerabilities are buffer overflows in the Dnsmasq code that could result in remote code execution scenarios, and the remainder enable DNS cache poisoning.

The researchers advise users to apply security updates released by the Dnsmasq project.

From ZDNet
View Full Article


Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


No entries found