Graylog is a free and open log management platform. Graylog makes use of only one single source port for DNS queries. Graylog binds a single socket for outgoing DNS queries, and while that socket is bound to a random port number, it is never changed again. This goes against recommended practice since 2008, when Dan Kaminsky discovered how easy it is to carry out DNS cache poisoning attacks. In order to prevent cache poisoning with spoofed DNS responses, it is necessary to maximise the uncertainty in the choice of a source port for a DNS query.

IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.
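
For the Graylog single-source-port behaviour described above, one way a defender can spot a client that never changes its DNS source port in captured traffic. This is an added example, not Graylog's code or part of the original page; the tcpdump-style lines are constructed sample data, and the function names and the `min_queries` threshold are assumptions.

```python
import math
import re
from collections import Counter, defaultdict

# Constructed tcpdump-style DNS query lines (sample data, not from the page).
SAMPLE = """\
12:00:01.100 IP 10.0.0.5.41000 > 192.0.2.53.53: 4311+ A? a.example. (27)
12:00:02.200 IP 10.0.0.5.41000 > 192.0.2.53.53: 9120+ A? b.example. (27)
12:00:03.300 IP 10.0.0.5.41000 > 192.0.2.53.53: 1774+ AAAA? a.example. (27)
12:00:04.400 IP 10.0.0.5.41000 > 192.0.2.53.53: 60233+ A? c.example. (27)
12:00:01.150 IP 10.0.0.9.50112 > 192.0.2.53.53: 2201+ A? a.example. (27)
12:00:02.250 IP 10.0.0.9.33871 > 192.0.2.53.53: 48110+ A? b.example. (27)
12:00:03.350 IP 10.0.0.9.61004 > 192.0.2.53.53: 7+ A? c.example. (27)
12:00:04.450 IP 10.0.0.9.27519 > 192.0.2.53.53: 30551+ A? d.example. (27)
"""

# Source address, source port, then any destination on port 53.
QUERY = re.compile(r"IP (\d+(?:\.\d+){3})\.(\d+) > \d+(?:\.\d+){3}\.53: ")

def port_stats(capture):
    """Per client: query count, distinct source ports, port entropy in bits."""
    ports = defaultdict(Counter)
    for src, port in QUERY.findall(capture):
        ports[src][int(port)] += 1
    stats = {}
    for src, seen in ports.items():
        total = sum(seen.values())
        # Shannon entropy of the observed port distribution; 0.0 means every
        # query left from the same port, so only the 16-bit query ID varies.
        entropy = sum(n / total * math.log2(total / n) for n in seen.values())
        stats[src] = {"queries": total, "distinct_ports": len(seen),
                      "entropy_bits": round(entropy, 2)}
    return stats

def fixed_port_clients(capture, min_queries=4):
    """Clients that sent at least min_queries queries, all from one port."""
    return sorted(src for src, s in port_stats(capture).items()
                  if s["queries"] >= min_queries and s["distinct_ports"] == 1)

if __name__ == "__main__":
    for src, s in sorted(port_stats(SAMPLE).items()):
        print(src, s)
    print("fixed source port:", fixed_port_clients(SAMPLE))
```

Run it over a longer capture before drawing conclusions: a handful of queries can share a port by chance, which is why the threshold is a parameter.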