Thursday, October 27, 2011

DNS Poisoning Via Port Exhaustion

Whitepaper called DNS Poisoning Via Port Exhaustion. It covers everything from how DNS poisoning works to various methods of performing attacks. It discloses two vulnerabilities. One is in Java which enables remote DNS poisoning using Java applets. The other is in multiuser Windows environments that allows for a local DNS cache poisoning of arbitrary domains.

Authored by Yair Amit, Roee Hay
Advisories | CVE-2011-3552, CVE-2010-4448


Post a Comment