Difference between revisions of "EGI CSIRT:Alerts/dns-29-07-2008"
Jump to navigation
Jump to search
(Created page with '{{Under construction}} {{Egi-csirt-header}} {{From OSCT wiki|http://osct.web.cern.ch/osct/alerts.html}}') |
({{From OSCT wiki|http://osct.web.cern.ch/osct/alerts/dns-29-07-2008.txt}}) |
||
Line 1: | Line 1: | ||
{{Egi-csirt-header|DNS cache poisoning/spoofing}} | |||
{{Egi-csirt-header}} | <pre><nowiki> | ||
{{From OSCT wiki|http://osct.web.cern.ch/osct/alerts. | ------------------------------------------------------------------------ | ||
EGEE Operational Security Coordination Team security alert | |||
Security vulnerability: DNS cache poisoning/spoofing | |||
Date: 29 July 2008 | |||
URL: http://cern.ch/osct/alerts/dns-29-07-2008.txt | |||
Rating: Medium | |||
Affects: Various DNS implementations | |||
------------------------------------------------------------------------ | |||
Dear Security Contacts and System Administrators, | |||
The OSCT has been made aware of a security flaw affecting various DNS | |||
implementations. It is making DNS cache poisoning attacks more feasible | |||
than previously thought. Details on the vulnerability, a list of | |||
systems known to be affected, and actions you can take to secure your | |||
systems can be found at | |||
http://www.kb.cert.org/vuls/id/800113 | |||
If your site maintains DNS servers, please follow the linked | |||
instructions to mitigate the risk. If sites do not maintain DNS | |||
servers, no actions need to be taken. But it is strongly recommended | |||
to check with operators of DNS services used by your site that proper | |||
fixes have been applied to the servers. | |||
</nowiki></pre> | |||
{{From OSCT wiki|http://osct.web.cern.ch/osct/alerts/dns-29-07-2008.txt}} |
Latest revision as of 13:19, 21 June 2010
| Mission | Members | Contacts
| Incident handling | Alerts | Monitoring | Security challenges | Procedures | Dissemination
------------------------------------------------------------------------ EGEE Operational Security Coordination Team security alert Security vulnerability: DNS cache poisoning/spoofing Date: 29 July 2008 URL: http://cern.ch/osct/alerts/dns-29-07-2008.txt Rating: Medium Affects: Various DNS implementations ------------------------------------------------------------------------ Dear Security Contacts and System Administrators, The OSCT has been made aware of a security flaw affecting various DNS implementations. It is making DNS cache poisoning attacks more feasible than previously thought. Details on the vulnerability, a list of systems known to be affected, and actions you can take to secure your systems can be found at http://www.kb.cert.org/vuls/id/800113 If your site maintains DNS servers, please follow the linked instructions to mitigate the risk. If sites do not maintain DNS servers, no actions need to be taken. But it is strongly recommended to check with operators of DNS services used by your site that proper fixes have been applied to the servers.
Source
Parts of this article came from the OSCT wiki, this was written by the EGEE Operational Security Coordination Team. |