All the latest UK technology news, reviews and analysis
|
|
|
25 Jul 2008
Exploit code has surfaced for a high-profile security flaw in the Domain Name System.
Researchers H D Moore and 'Druid' have developed a module which is capable of exploiting the vulnerability. The module runs through Metasploit, a vulnerability-testing framework built by Moore.
The exploit code is the first to appear for the DNS cache-poisoning flaw first discovered by researcher Dan Kaminsky.
The release of the module comes just days after details of the flaw were disclosed by fellow researcher Halvar Flake.
Kaminsky said that he had found the flaw, but refrained from disclosing the details until vendors could issue a patch. He planned to unveil the details at next month's Black Hat conference.
Details of the vulnerability were not made publicly available, but Kaminsky shared his research with a number of hardware and software vendors, prompting one of the largest mass-patch rollouts in history.
That policy may have helped to avoid a major catastrophe, as most servers were protected even before details on the flaw were known.
Zulfikar Ramzan, technical director of Symantec's Security Technology and Response team, told vnunet.com that the exploit code adds little danger to the situation at this point.
"My impression is that most of the major ISPs have already patched," he said. "At this stage I don't know if it is going to affect end users."
Ramzan added that, while there are a large number of servers that have not been patched, many are poorly maintained and are likely to be open to older, more established attack methods anyway.
He also noted that, although the module has the ability to exploit the flaw, it is far from a real-world attack by actual criminals.
However, administrators may not be out of the woods just yet. Ramzan said that a greater danger could come after Kaminsky posts the full details of the flaw and attackers get a better look at the nature of the vulnerability.
"There is a saying in the security community that attacks always get better, they never get worse," he warned. "Someone might develop variations on the attack that are more potent."
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Hands on with the highly anticipated Android 4.0 Ice Cream Sandwich hybrid tablet
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Java / J2EE analyst programmer with experience of building...
Crystal Reports Developer London or Dublin £340 per day...
Our client is a major Broadcasting company seeking a...
Support Engineer required to work for leading Online...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?