The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
EGI CSIRT:Alerts/dns-29-07-2008
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
| Mission | Members | Contacts
| Incident handling | Alerts | Monitoring | Security challenges | Procedures | Dissemination
------------------------------------------------------------------------
EGEE Operational Security Coordination Team security alert
Security vulnerability: DNS cache poisoning/spoofing
Date: 29 July 2008
URL: http://cern.ch/osct/alerts/dns-29-07-2008.txt
Rating: Medium
Affects: Various DNS implementations
------------------------------------------------------------------------
Dear Security Contacts and System Administrators,
The OSCT has been made aware of a security flaw affecting various DNS
implementations. It is making DNS cache poisoning attacks more feasible
than previously thought. Details on the vulnerability, a list of
systems known to be affected, and actions you can take to secure your
systems can be found at
http://www.kb.cert.org/vuls/id/800113
If your site maintains DNS servers, please follow the linked
instructions to mitigate the risk. If sites do not maintain DNS
servers, no actions need to be taken. But it is strongly recommended
to check with operators of DNS services used by your site that proper
fixes have been applied to the servers.
Source
| Parts of this article came from the OSCT wiki, this was written by the EGEE Operational Security Coordination Team. |