Thursday, 24 July 2008

Attack code published for DNS flaw

The urgency to patch Dan Kaminsky’s DNS cache poisoning vulnerability just went up a few notches.

Exploit code for the flaw, which allows the insertion of malicious DNS records into the cache of the target nameserver, has been added to Metasploit, a freely distributed attack/pen-testing tool.

According to Metasploit creator HD Moore (left), who teamed up with researcher Druid to create the exploit, a DNS service has also been created to assist with the exploit.

We spoke about the DNS patch h3r3

No comments:

FEEDJIT Live Traffic Feed