11.14.2007

Windows DNS Server Cache Poisoning

Amit Klein finally released his research on Windows DNS Server Cache Poisoning today. He discovered the vulnerability that enables DNS cache poisoning attack against the Windows DNS server back in April. It took Microsoft over 6 months to come up with a patch. The weakness found is in the transaction ID generation algorithm. This is very similar to some of Amit's earlier research on Bind 8 & 9 dns cache poisoning. Here are the links to the research.

Windows DNS Server Cache Poisoning

BIND 8 DNS Cache Poisoning

BIND 9 DNS Cache Poisoning

Posted by digitalcartel at 2:04 PM 0 comments

Labels: , , , , , , , , ,

Subscribe to: Posts (Atom)