4 matches found
NAME:WRECK DNS Vulnerabilities
Cybersecurity researchers from Forescout and JSOF have released a report on a set of nine vulnerabilities—referred to as NAME:WRECK—affecting Domain Name System DNS implementations. NAME:WRECK affects at least four common TCP/IP stacks—FreeBSD, IPNet, NetX, and Nucleus NET—that are used in Intern...
DNS BailiWicked Domain Attack
This exploit attacks a fairly ubiquitous flaw in DNS implementations which Dan Kaminsky found and disclosed Jul 2008. This exploit replaces the target domains nameserver entries in a vulnerable DNS cache server. This attack works by sending random hostname queries to the target DNS server coupled...
Multiple DNS implementations vulnerable to cache poisoning
Overview Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Description The Domain Name System DNS is responsible for translating host names to IP addresses and vice versa and is critical for the normal operation of internet-connected systems...
DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries
Overview Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Description RFC1035 DOMAIN NAMES, IMPLEMENTATION AND SPECIFICATION defines a mechanism for conserving bytes in a DNS query or reply packet by avoiding repetition of character strings "labels"...