|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Squid Cache DNS Lookup Spoofing Vulnerability
> Description: > A vulnerability has been reported in Squid, which can > be exploited by malicious people to spoof DNS lookups. > > The vulnerability is caused due to an unspecified > error in the DNS client when handling DNS responses > and can be exploited to spoof DNS lookups. The Squid description offers slightly more details: | Malicious users may spoof DNS lookups if the DNS client UDP port | (random, assigned by OS at startup) is unfiltered and your network is | not protected from IP spoofing. <http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query> This probably means that it's not possible to exploit this in a scalable way, just by manipulating authoritative name server replies. Most stub resolvers suffer from similar problems. Sometimes this is an explicit design decision (to keep the code as simple as possible). It's also not completely fixable because the DNS protocol requires a 16-bit message ID.
|