Saturday November 22, 2008 3:58 AM AEST

SC Magazine Australia/NZ > News > Vulnerabilities & Exploits > Web > First DNS attacks reported

Vulnerability Alerts

SANS

Microsoft

Microsoft Security Bulletin Summary for November 2008
MS08-069 – Critical: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218) - Version:1.0

CERT/CC

Latest Comments

"when i login to face book it tells me i am cookies enabled what does this mean"

on Ads on Facebook serving up adware

by celeste | Nov 21, 2008 5:15 PM

"Hi this is the mail I received Brett Karpman show details Nov 17 (3 days ago) Reply Atten..."

on Yahoo and Microsoft take aim at lottery scams

by Rodney Churchyard | Nov 20, 2008 6:13 PM

"security through obscurity...shows how detached HIPAA is from reality."

on Privacy breaches causing business instability

by priceOfFishInChina | Nov 20, 2008 1:19 PM

"Umm. no. The 6.5 product is mounting the offline VM image and performing a scan for patch ..."

on Shavlik Technologies to broaden its patch management offerings

by eric | Nov 20, 2008 8:15 AM

"it's great i tried it"

on McAfee offers free trial of security appliance

by divyacharan | Nov 20, 2008 12:24 AM

Web

First DNS attacks reported

By Shaun Nichols
Jul 28, 2008 10:14 AM
Tags: First | DNS | attacks | reported

The attack was reported by a user named James Kosin to a Fedora Linux mailing list.

Kosin posted a log which he said was gathered Thursday night. The attacker attempts to access the server's cache for entries to such sites as myspace, ebay and Wachovia.

The attack attempts to target a vulnerability in the Domain Name System in which an attacker could alter the cache on a DNS server to redirect site requests to malicious third-party sites.

"The spooks are out in full on this security vulnerability in force. Patch or upgrade now!" wrote Kosin.

Industry experts, including Kaminsky himself, have issued similar warnings to administrators. Kaminsky intentionally held off on releasing the details of the flaw until vendors could patch it.

Exploit code for the vulnerability was posted earlier this week as a module for the Metasploit framework.

Though experts estimate that most major ISPs and vendors have patched the flaw, poorly-maintained DNS servers could still be open to the attack.

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Vulnerabilities & Exploits Whitepapers

First DNS attacks reported

Sponsored Links

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management