SecurityRatty: Massive Patch Effort Coordinated for DNS System Flaw

This is cache of http://feeds.ziffdavisenterprise.com/~r/RSS/cheap_hack/~3/338277678/massive_coordinated_patch_effort_to_dns_system_flaw.html. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.

Massive Patch Effort Coordinated for DNS System Flaw

2008-07-08 17:56:25 by Editor in Cheap Hack

The DNS client and server patch in the July 8 set of Microsoft monthly patches wasn't just a Microsoft problem. It was part of a coordinated effort to patch numerous DNS servers for a series of problems that are common to DNS implementations. The US-CERT advisory on the subject describes three problems that, research has shown, can be combined into effective spoofing attacks:

VU#484649 - Microsoft Windows DNS Server vulnerable to cache poisoning
VU#252735 - ISC BIND generates cryptographically weak DNS query IDs
VU#927905 - BIND Version 8 generates cryptographically weak DNS query identifiers

The advisory lists 101 DNS servers, their status and the date of their last update. For the large majority of the servers the status is "Unknown," but several important ones are listed as Vulnerable and all of these were patched either today or late last week. Among the companies that have vulnerable systems, in addition to Microsoft, are Cisco, ISC, Juniper, Red Hat and Sun. Many of the servers whose status is "Unknown" were also patched quite recently, and it's a safe guess that it was for this reason. The advisory credits Dan Kaminsky of IOActive, Paul Vixie of ISC (Internet Systems Consortium) and Daniel J. Bernstein for the research. It also earlier mentions Amit Klein for work he did on one of the constituent attacks. According to CircleID, Kaminsky will reveal details of the attack in 30 days after users and vendors have had a fair shot at patching it.