
Remote DNS Resolver Uses Non-Random Ports

Article ID: 33447
Posted: 22 Jan, 2009 by Tech Pubs S.
Last updated: 27 Jan, 2009 by Tech Pubs S.

This script is Copyright (C) 2008-2009 Tenable Network Security

Family: DNS
Plugin ID: 33447
Bugtraq ID: 30131
CVE ID: CVE-2008-1447

Description:

Synopsis :

The remote name resolver (or the server it uses upstream) may be vulnerable
to DNS cache poisoning.


Description :

The remote DNS resolver does not use random ports when making queries to
third-party DNS servers.

This problem might be exploited by an attacker to poison the remote DNS
server more easily, and therefore divert legitimate traffic to arbitrary
sites.

See also :

http://www.kb.cert.org/vuls/id/800113

Solution :

Contact your DNS server vendor for a patch.

Risk factor :

High / CVSS Base Score : 9.4
(CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:C)
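
The Description above says the resolver does not use random ports for its upstream queries. The following is an added example, not Tenable's plugin code: it classifies the UDP source ports logged at an authoritative server you operate for a test zone. The function name, thresholds and sample ports are assumptions of this example.

```python
import statistics

# Thresholds are assumptions chosen for this example, not values from the plugin.
MIN_SAMPLES = 5     # fewer observations say little about the port allocator
MAX_STEP = 64       # largest forward step still treated as a counting allocator
MIN_STDEV = 3000.0  # uniform ports over 1024-65535 give a stdev near 18600


def assess_source_ports(ports):
    """Classify the source ports seen on consecutive queries from one resolver.

    `ports` is the ordered list of UDP source ports logged at an
    authoritative server you operate for a test zone.
    """
    if len(ports) < MIN_SAMPLES:
        raise ValueError(f"need at least {MIN_SAMPLES} samples")
    if any(not 0 < p < 65536 for p in ports):
        raise ValueError("port outside 1-65535")
    # Step between consecutive queries (a counter wrapping around is not handled).
    deltas = [b - a for a, b in zip(ports, ports[1:])]
    stdev = statistics.pstdev(ports)
    if len(set(ports)) == 1:
        verdict = "fixed"        # every query left from the same port
    elif all(0 < d <= MAX_STEP for d in deltas):
        verdict = "sequential"   # port only ever counts upward in small steps
    elif stdev < MIN_STDEV:
        verdict = "narrow"       # varies, but inside a small pool
    else:
        verdict = "random"       # wide spread with no counting pattern
    return {"verdict": verdict, "distinct": len(set(ports)),
            "stdev": round(stdev, 1), "predictable": verdict != "random"}


# Constructed sample observations, not captured from any real resolver.
SAMPLES = {
    "fixed": [32768] * 8,
    "sequential": [1025, 1026, 1027, 1029, 1030, 1031, 1033, 1034],
    "narrow": [50001, 50017, 50003, 50022, 50009, 50014, 50002, 50020],
    "random": [14532, 60211, 3377, 48890, 27015, 9123, 55001, 33980],
}

if __name__ == "__main__":
    for name, ports in SAMPLES.items():
        print(name, assess_source_ports(ports))
```

As the Synopsis notes, the ports observed this way belong to whichever host actually sends the upstream query, which may be a forwarder rather than the resolver being checked.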