Communications of the ACM

Home/News/DNSpooq Lets Attackers Poison DNS Cache Records/Full Text

ACM TechNews

DNSpooq Lets Attackers Poison DNS Cache Records

By ZDNet
January 25, 2021
Comments

View as: Print Mobile App Share:

Security experts have disclosed details of seven vulnerabilities impacting a popular DNS software package that is commonly deployed in networking equipment, such as routers and access points.

Credit: JSOF

Researchers in Israeli boutique cybersecurity consultancy JSOF have disclosed seven vulnerabilities that affect Dnsmasq, a domain name system (DNS) forwarding client for *NIX-based operating systems.

The vulnerabilities involve DNSpooq software in millions of devices sold worldwide, including networking gear like routers, access points, firewalls, and VPNs from numerous companies.

The researchers say the vulnerabilities could be combined to poison DNS cache entries recorded by Dnsmasq servers, allowing attackers to redirect users to clones of legitimate websites.

Four of the vulnerabilities are buffer overflows in the Dnsmasq code that could result in remote code execution scenarios, and the remainder enable DNS cache poisoning.

The researchers advise users to apply security updates released by the Dnsmasq project.

From ZDNet
View Full Article

No entries found

DNSpooq Lets Attackers Poison DNS Cache Records

Wayfinding Without GPS

What Do Computing and Economics Have to Say to Each Other?

SWOT Analysis of ChatGPT in Computer Science Education