Re: [DNSOP] [Dailydave] DNS Poisoning via Port Exhaustion (fwd)

Tue, 18 Oct 2011 21:06:26 -0700 

In message <alpine.deb.2.00.1110182342050.12...@mail.xelerance.com>, Paul Woute
rs writes:
> 
> FYI
> 
> Paul

Nothing really new here.  Port exhaustion was a obvious and identified
threat when we looked at port randomisation.

> ---------- Forwarded message ----------
> Date: Tue, 18 Oct 2011 17:14:56
> From: Roee Hay <ro...@il.ibm.com>
> To: dailydave <dailyd...@lists.immunityinc.com>
> Subject: [Dailydave] DNS Poisoning via Port Exhaustion
> X-Spam-Flag: NO
> 
> Hey,
> 
> Today we are releasing a very interesting whitepaper which describes a DNS
> poisoning attack against stub resolvers.
> 
> It discloses two vulnerabilities:
> 
> 1. A vulnerability in Java (CVE-2011-3552, CVE-2010-4448) which enables rem=
> ote
> =A0 DNS poisoning using Java applets. This vulnerability can be triggered w=
> hen
> =A0 opening a malicious webpage. A successful exploitation of this vulnerab=
> ility
> =A0 may lead to disclosure and manipulation of cookies and web pages, discl=
> osure
> =A0 of NTLM credentials and clipboard data of the logged-on user, and even
> =A0 firewall bypass.
> 
> 2. A vulnerability in multiuser Windows environments which enables local DNS
> =A0 cache poisoning of arbitrary domains. This vulnerability can be trigger=
> ed
> =A0 by a normal user (i.e. one with non-administrative rights) in order to
> =A0 attack other users of the system. A successful exploitation of this
> =A0 vulnerability may lead to information disclosure, privilege escalation,
> =A0 universal XSS and more.
> 
> =A0Whitepaper: http://bit.ly/q31wSq
> =A0A blog post with video demos: http://bit.ly/qu4Ez7
> 
> 
> Roee Hay <ro...@il.ibm.com>, IBM Rational Application Security Research Gro=
> up
> Yair Amit <yai...@gmail.com>
> _______________________________________________
> Dailydave mailing list
> dailyd...@lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: ma...@isc.org
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to