Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > System crack > Content
Hot Articles
GeoVision Digital Video
Adobe Acrobat and the Re
Samba group_mapping.tdb/
The Sleuth Kit - UNIX-ba
Marvell 88W8361P-BEM1 ch
CS-Cart core / user.php
phpBB Small ShoutBox mod
Outlook Web Access for E
FlexCell Grid ActiveX co
PHP error_log bypasses t
Apple Bonjour for Window
nginx file type error pa
DedeCMS V5.5 Final GetWe
Details of PHP code exec
The VMware 2008-0014 ren
Recommend Articles
Mozilla the Firefox 2.0.
DC++ many long-distance
VLC the media player WAV
The Wireshark 1.0.1 edit
Wordpress XML-RPC connec
ServerView Web connectio
PCRE the pcre_compile.c
phpMyAdmin long-distance
Panda the ActiveScan lon
BlueZ the SDP load handl
1024 CMS many documents
WeFi journal file local
vBulletin adminlog.php r
Microsoft Windows DNS se
Adobe RoboHelp Server he
New Articles
DiY - brief loophole ana
Freefloat FTP Server ove
I can with Apache endeav
HP - UX NFS/ONCplus unkn
HP - UX FTPD remote deni
HP - UX DCE can send acr
HP - UX 'useradd' local
HP - UX swagentd remote
HP - UX Numbers local de
HP - UX System under the
HP - UX 'FTPD' unknown r
HP TCP/IP Services for c
From Solaris NFS pages f
From Solaris XScreenSave
Sun Solaris Auditing Ext
Many manufacturer DNS realize the buffer poison crack
  Add date: 07/16/2008   Publishing date: 07/16/2008   Hits: 14
Total 9 pages, Current page:1, Jump to page:
 

Issues the date: 2008-07-08
Renewal date: 2008-07-10

Is affected the system:
Cisco IOS 12.4
Cisco IOS 12.3 
Cisco IOS 12.2
Cisco IOS 12.1
Cisco IOS 12.0
ISC BIND 9.5.x
ISC BIND 9.4.x
ISC BIND 9.3.x
ISC BIND 9.2.x
ISC BIND 8.x.x
Microsoft Windows XP SP3
Microsoft Windows XP SP2
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows 2000SP4
Sun Solaris 9.0_x86
Sun Solaris 9.0
Sun Solaris 8.0_x86
Sun Solaris 8.0
Sun Solaris 10.0_x86
Sun Solaris 10.0
Cisco Network Registrar 7.0.x
Cisco Network Registrar 6.3.x
Cisco Network Registrar 6.1.x
Cisco Network Registrar
Cisco ACNS 5.5
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 30131
CVE(CAN) ID: CVE-2008-1447

The DNS agreement is a TCP/IP agreement group's part, allows the DNS client side to inquire the DNS database a main engine analysis is the IP address.

Stemming from and processes DNS to inquire the related process time and the band width considered that the majority DNS servers can local save receives from other DNS server to the response, saves these responses the region to be called the buffer. Once will respond saves the buffer, the DNS server may inquire the DNS server (to be called once more before refurbishing local buffer response copy period of time the response which survival time) uses local saves.
  
What the DNS buffer poison attack refers to was changed DNS in server's DNS buffer some item, in such buffer no longer aimed at the correct position with the main engine related IP address. For example, if www.example.com maps IP address 192.168.0.1, and in the DNS server's buffer has this mapping, then succeeds to this server's DNS buffer poison aggressor may map www.example.com 10.0.0.1. In this case, attempts to visit www.example.com's user on possible and the wrong Web server contact.

The DNS agreement realizes in the standard including a 16 event ID field. If has realized this standard correctly, and through strong random number generator stochastic choice event ID, the aggressor needs the average 32,768 attempts to be able successful forecast this ID. But because the agreement realizes the weakness, uses in confirming DNS response DNS event ID and source port number randomness insufficient, may the forecast easily, this allow the aggressor to found the match expected value DSN to request the forge response, but the DNS server can think that this response is effective, therefore simplified the buffer poison attack.

The success uses this crack possibly to cause the DNS server's user contact wrong network service supplier, the final influence is various, from simple refuses to serve to network fishing and the financial cheating.

<* origin: Dan Kaminsky
 
  Link: http://secunia.com/advisories/31012/
        http://secunia.com/advisories/31011/
        http://secunia.com/advisories/30980/
        http://secunia.com/advisories/30979/

 

Other pages: : 1 * 2 * 3 * 4 * 5 * 6 * 7 * 8 * 9 * Next>>
Prev:F5 FirePass SSL VPN the SNMP protection procedure long-distance refuses to serve the crack Next:Drupal many input confirmation crack

Comment:

Category: Home > System crack
Home