DNS Implementations Vulnerable to Cache Poisoning

US-CERT is aware of deficiencies in the DNS protocol. Implementations of this protocol may leave the affected system vulnerable to DNS cache poisoning attacks. If an attacker can successfully conduct a cache poisoning attack, they may be able to cause a nameserver's clients to contact the incorrect, and possibly malicious, hosts for particular services. This may allow an attacker to obtain sensitive information or mislead users into believing they are visiting a legitimate website.

UPDATE: Technical details regarding this vulnerability have been posted to public websites. Attackers could use these details to construct exploit code. Users are encouraged to patch vulnerable systems immediately.

US-CERT encourages users to review "VU#800113 - Multiple DNS implementations vulnerable to cache poisoning" and apply any necessary solutions listed in that document to help mitigate the risks.

US-CERT will provide additional information as it becomes available.

Read more: US-CERT Current Activity