Sign In

Communications of the ACM

ACM TechNews

DNSpooq Lets Attackers Poison DNS Cache Records

View as: Print Mobile App Share:
A DNSpooq logo.

Security experts have disclosed details of seven vulnerabilities impacting a popular DNS software package that is commonly deployed in networking equipment, such as routers and access points.

Credit: JSOF

Researchers in Israeli boutique cybersecurity consultancy JSOF have disclosed seven vulnerabilities that affect Dnsmasq, a domain name system (DNS) forwarding client for *NIX-based operating systems.

The vulnerabilities involve DNSpooq software in millions of devices sold worldwide, including networking gear like routers, access points, firewalls, and VPNs from numerous companies.

The researchers say the vulnerabilities could be combined to poison DNS cache entries recorded by Dnsmasq servers, allowing attackers to redirect users to clones of legitimate websites.

Four of the vulnerabilities are buffer overflows in the Dnsmasq code that could result in remote code execution scenarios, and the remainder enable DNS cache poisoning.

The researchers advise users to apply security updates released by the Dnsmasq project.

From ZDNet
View Full Article


Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account