vendor:
BIND
by:
posedge
5.5
CVSS
MEDIUM
DNS Cache Poisoning
300
CWE
Product Name: BIND
Affected Version From: 9.0.0
Affected Version To: 9.4.2001
Patch Exists: YES
Related CWE:
CPE: a:bind:bind:9.0.0:
Platforms Tested:
DNS Cache Poison v0.3beta
This is a Python script that performs DNS cache poisoning. It is based on the Amit Klein paper: http://www.trusteer.com/docs/bind9dns.html. The script predicts the next transaction ID for DNS queries and attempts to poison the cache with malicious responses. The output of the script includes the time, IP, port, ID, query, number of good predicted IDs, and number of errors.
Mitigation:
To mitigate this vulnerability, it is recommended to keep BIND9 up to date and apply any security patches released by the vendor. Additionally, implementing DNSSEC can help protect against DNS cache poisoning attacks.
