February 27, 2021

TerabitWeb Blog

Fascinating Technology and Security Information

DNS has another major set of vulnerabilities affecting almost every platform

1 min read
DNSpooq affects dnsmasq and potentially affects millions of devices

DNSpooq is a set of vulnerabilities found by JSOP in the dnsmasq application.
Similar DNS Attacks and Vulnerabilities have been demonstrated in the Kaminsky Attack in 2008 and SAD DNS in recent months(September 2020).
Attacks using DNSpooq vulnerabilities can produce Buffer Overflows, Remote Code Execution, DNS Spoofing, Device Takeover, DNS Cache Poisoning, Possible Mass DDOS Attacks, and this attack is Semi-Wormable.
There are 7 CVE Vulnerabilities associated with DNSpooq ranging from CVSS scores of 8.1 to 4.0
DNS Cache Poisoning
CVE-2020-25686, CVE-2020-25684, CVE-2020-25685
Buffer Overflow Vulnerabilities
CVE-2020-25687, CVE-2020-25683, CVE-2020-25682, CVE-2020-25681,
Solution is simple
Upgrade to dnsmasq 2.83 or higher
For more information see links below
https://www.jsof-tech.com/disclosures/dnspooq/
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/01/dnspooq-the-bugs-haunting-dnsmasq/
https://www.welivesecurity.com/2021/01/20/dnspooq-bugs-devices-dns-cache-poisoning/
https://www.tenable.com/blog/dnspooq-seven-vulnerabilities-identified-in-dnsmasq
https://www.securityweek.com/dnspooq-flaws-expose-millions-devices-dns-cache-poisoning-other-attacks
https://www.scmagazine.com/home/security-news/vulnerabilities/7-vulnerabilities-in-popular-dns-forwarding-software-open-door-to-range-of-attacks/
https://thehackernews.com/2021/01/a-set-of-severe-flaws-affect-popular.html
https://www.saddns.net/

Copyright © All rights reserved. | Newsphere by AF themes.