In message <alpine.deb.2.00.1110182342050.12...@mail.xelerance.com>, Paul Woute rs writes: > > FYI > > Paul
Nothing really new here. Port exhaustion was a obvious and identified threat when we looked at port randomisation. > ---------- Forwarded message ---------- > Date: Tue, 18 Oct 2011 17:14:56 > From: Roee Hay <ro...@il.ibm.com> > To: dailydave <dailyd...@lists.immunityinc.com> > Subject: [Dailydave] DNS Poisoning via Port Exhaustion > X-Spam-Flag: NO > > Hey, > > Today we are releasing a very interesting whitepaper which describes a DNS > poisoning attack against stub resolvers. > > It discloses two vulnerabilities: > > 1. A vulnerability in Java (CVE-2011-3552, CVE-2010-4448) which enables rem= > ote > =A0 DNS poisoning using Java applets. This vulnerability can be triggered w= > hen > =A0 opening a malicious webpage. A successful exploitation of this vulnerab= > ility > =A0 may lead to disclosure and manipulation of cookies and web pages, discl= > osure > =A0 of NTLM credentials and clipboard data of the logged-on user, and even > =A0 firewall bypass. > > 2. A vulnerability in multiuser Windows environments which enables local DNS > =A0 cache poisoning of arbitrary domains. This vulnerability can be trigger= > ed > =A0 by a normal user (i.e. one with non-administrative rights) in order to > =A0 attack other users of the system. A successful exploitation of this > =A0 vulnerability may lead to information disclosure, privilege escalation, > =A0 universal XSS and more. > > =A0Whitepaper: http://bit.ly/q31wSq > =A0A blog post with video demos: http://bit.ly/qu4Ez7 > > > Roee Hay <ro...@il.ibm.com>, IBM Rational Application Security Research Gro= > up > Yair Amit <yai...@gmail.com> > _______________________________________________ > Dailydave mailing list > dailyd...@lists.immunityinc.com > https://lists.immunityinc.com/mailman/listinfo/dailydave > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop