Follow Up – DNS Vulnerability

As a follow-up to “Oops DNS Attack Disclosed! And once again DJB…”, there is now a working exploit out. It is an exploit using Metasploit, a tool used to conduct security vulnerability research. You can also test your network using Nessus by Tenable Network Security.

The released exploit is available at the Metasploit trac here.

This is now being exploited in the wild. Now here is an issue I ran into. I updated our BIND servers and then tested and noticed we were still vulnerable. How could this be? I was getting pissed, then I noticed:

query-source port 53;

So check your /etc/named.conf for both:

query-source port 53;
query-source-v6 port 53;
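
One way to automate that check across several servers, as an added example that is not part of the original post: the script below strips named.conf comments and reports every query-source or query-source-v6 statement that pins a numeric port, since a fixed source port cancels the port randomization the patched BIND provides. The sample configurations and function names are constructed for illustration.

```python
import re
import sys

# Constructed sample configs for illustration (not from the original post).
SAMPLE_CONF = """\
options {
    directory "/var/named";
    // query-source port 1053;   (commented out, must be ignored)
    query-source port 53;
    query-source-v6 address * port 53;
    /* query-source port 5353; */
    # query-source-v6 port 53;
};
"""
SAFE_CONF = """\
options {
    query-source address * port *;
};
"""

# named.conf accepts C (/* */), C++ (//) and shell (#) style comments.
_COMMENTS = re.compile(r'/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_STATEMENT = re.compile(r'\b(query-source(?:-v6)?)\b([^;{}]*);')
_PORT = re.compile(r'\bport\s+(\d+|\*)')


def strip_comments(text):
    """Blank out comments but keep newlines so line numbers stay correct."""
    return _COMMENTS.sub(lambda m: re.sub(r'[^\n]', ' ', m.group(0)), text)


def find_fixed_query_ports(conf_text):
    """Return (line, directive, port) for each statement pinning a source port."""
    clean = strip_comments(conf_text)
    findings = []
    for m in _STATEMENT.finditer(clean):
        port = _PORT.search(m.group(2))
        if port and port.group(1) != '*':   # "port *" leaves the choice to BIND
            line_no = clean.count('\n', 0, m.start()) + 1
            findings.append((line_no, m.group(1), int(port.group(1))))
    return findings


if __name__ == "__main__":
    # Pass a config path as the first argument; falls back to the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONF
    for line_no, directive, port in find_fixed_query_ports(text):
        print(f"line {line_no}: {directive} pins source port {port}")
```

The comment stripping is regex-based and does not understand quoted strings, so a "#" or "//" inside a quoted value would be treated as a comment start.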
