cache poisoning

BIND Vulnerability Enables DNS Cache Poisoning Attack

A vulnerability in the BIND domain name system (DNS) software could give an attacker the ability to easily and reliably control queried name servers chosen by the most widely deployed DNS software on the Internet, according to new research presented at the Woot Conference in Washington D.C. today.

Domains Using .Org to Have Tighter Security

The Public Interest Registry will add an extra layer of security known
as DNS Security Extensions (DNSSEC) to the .org domain
in June — a move that will protect millions of non-profit
organizations and their donors from hacking attacks known as cache
poisoning. Read the full article. [Network World]

Internet Systems Consortium (ISC) has shipped a patch to cover a
“severe” cache poisoning vulnerability for BIND 9 users who have DNSSEC
validation turned on. The vulnerability exists in the way BIND 9 handles recursive client queries
that may cause additional records to be added to its cache.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.