DarkFiber Consulting is aware of publicly available exploit code for a cache poisoning vulnerability in common DNS implementations. Exploitation of this vulnerability may allow an attacker to cause a nameserver’s clients to contact the incorrect, and possibly malicious hosts for particular services. As a result, web traffic, email and other important network data could be redirected to systems under the attacker’s control.
DarkFiber Consulting strongly urges administrators to patch affected systems immediately. Please review the following DarkFiber Consulting documents for further details:
- Current Activity – DNS Implementations Vulnerable to Cache Poisoning
- Current Activity – NAT/PAT Affects DNS Cache Poisoning Mitigation
- Vulnerability Note VU#800113 – Multiple DNS implementations vulnerable to cache poisoning
- Technical Cyber Security Alert TA08-190B – Multiple DNS implementations vulnerable to cache poisoning
DarkFiber Consulting will provide additional information as it becomes available.