Sign In

Communications of the ACM

ACM TechNews

Gear from Netgear, Linksys, 200 Others Has Unpatched DNS Poisoning Flaw

View as: Print Mobile App Share:

DNS poisoning and its DNS cache-poisoning relative allow hackers to replace the legitimate DNS lookup for sites with malicious IP addresses that can masquerade as those sites as they attempt to install malware, phish passwords, or carry out other nefariou

Credit: Getty Images

Researchers at security firm Nozomi Networks identified an unpatched vulnerability in third-party code libraries used by 200 hardware and software vendors, including Netgear and Linksys.

The flaw enables hackers with access to links between an impacted device and the Internet to poison Domain Name System requests used to translate domains to Internet Protocol (IP) addresses; they can funnel false IP addresses to target devices and force end-users to connect to malicious servers masquerading as trusted sites.

The vulnerability, reported to vendors in January and publicly disclosed this week, is embedded in uClibc and uClibc fork uClibc-ng, which support alternatives to the standard C library for embedded Linux.

The Nozomi researchers said the affected gear constitute "a range of well-known IoT [Internet of Things] devices running the latest firmware versions, with a high chance of them being deployed throughout all critical infrastructure."

From Ars Technica
View Full Article


Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA


No entries found