Security News > 2021 > January > DNSpooq Flaws Expose Millions of Devices to DNS Cache Poisoning, Other Attacks
Researchers at Israel-based boutique cybersecurity consultancy JSOF this week disclosed the details of seven potentially serious DNS-related vulnerabilities that could expose millions of devices to various types of attacks.
Its DNS subsystem "Provides a local DNS server for the network, with forwarding of all query types to upstream recursive DNS servers and caching of common record types."
There are two types of DNSpooq vulnerabilities: buffer overflow bugs that can lead to remote code execution and DoS attacks; and DNS response validation issues that can be exploited for DNS cache poisoning.
Launching a DNS cache poisoning attack against a device can allow an attacker to redirect users to arbitrary websites, and intercept traffic associated with email, SSH, remote desktop, communications and other types of systems.
Red Hat explained that DNS cache poisoning attacks can be conducted against clients that use Dnsmasq as a DNS server, and involves providing them incorrect name resolutions for poisoned entries.
Siemens, on the other hand, says its SCALANCE and RUGGEDCOM industrial devices are impacted only by the three security holes that can be exploited for DNS cache poisoning.