The vulnerability has been detected in the way some Domain Name System (DNS) services handle recursive DNS queries. The DNS is responsible for translating host names to IP addresses and is critical for the normal operation of internet-connected systems. DNS cache poisoning (sometimes referred to as cache pollution) is an attack technique that allows an attacker to introduce forged DNS information into the cache of a caching nameserver. Older versions of the BIND (Berkeley Internet Name Domain) DNS service and the Microsoft DNS service have been found to be susceptible to the poisoning of cached recursive resolvers with spoofed data.

CERT has issued an advisory for a massive multivendor patch to resolve a major issue in DNS that could allow attackers to easily compromise any name server (it also affects clients). Dan Kaminsky discovered the flaw early this year and has been working with a large group of vendors on a coordinated patch.

The issue is extremely serious, and all name servers should be patched as soon as possible. Updates are also being released for a variety of other platforms since this is a problem with the DNS protocol itself, not a specific implementation. The good news is this is a really strange situation where the fix does not immediately reveal the vulnerability and reverse engineering isn’t directly possible.

We strongly encourage you to keep the DNS service BIND (Berkeley Internet Name Domain) updated with the latest version on your Dedicated Server.
To Update BIND (in Redhat or Fedora)

1. SSH to your server.
2. Type su – and press Enter to gain root access.
3. Type cp /etc/sysconfig/named /etc/sysconfig/named.bak
4. Type yum clean all.
5. Type yum update bind

Share on Facebook