DNSpooq Flaws Allow DNS Hijacking of Millions of Devices

2021-01-19 21:25

The set of seven flaws are comprised of buffer overflow issues and flaws allowing for DNS cache-poisoning attacks.

If exploited, these flaws could be chained together to allow remote code execution, denial of service and other attacks.

"DNSpooq is a series of vulnerabilities found in the ubiquitous open-source software dnsmasq, demonstrating that DNS is still insecure, 13 years after the last major attack was described," said researchers with the JSOF research lab, in a recent analysis.

DNS cache poisoning is a type of attack that enables DNS queries to be subverted.

In a real-world situation, an attacker here could use unsolicited DNS responses to poison the DNS cache, convince unknowing internet browsers to a specially-crafted attacker-owned website, and then redirect them to malicious servers.

The memory-corruption flaws can be triggered by a remote attacker using crafted DNS responses.

News URL

https://threatpost.com/dnspooq-flaws-allow-dns-hijacking-of-millions-of-devices/163163/

#DNS #hijacking