Computer Security
[EN] securityvulns.ru no-pyccku


DNS birthday attacks
updated since 25.04.2003
Published:17.04.2007
Source:
SecurityVulns ID:2773
Type:remote
Threat Level:
6/10
Description:DNS uses 2-bytes message identificator to prevent spoofing attack. The problem is if few same requests came in same time they are forwarded with different IDs from same UDP port. It increases chances to spoof reply (so called birthdey effect: probability that among 60 randomely choosen persons there are 2 with same bithdate is under 95%).
CVE:CVE-2002-2213 (The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.)
 CVE-2002-2212 (The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.)
 CVE-2002-2211 (BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.)
Original documentdocumentMakoto Shiotsuki, Windows DNS Cache Poisoning by Forwarder DNS Spoofing (17.04.2007)
 documentRamon Izaguirre, An Implementation of a Birthday Attack in a DNS Spoofing (25.04.2003)
Files:Implementation of DNS birthday attack

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod