national computer network Emergency Response Coordination Center on the DNS system is facing serious security vulnerabilities emergency announcement:
Security Bulletin: CN-VA08-05
release date: July 24, 2008
vulnerability type: Spoofing
vulnerability assessment: important
security level: level three
since July 9, 2008, CISCO, Microsoft, ISC and other Internet DNS software vendors have released a security bulletin, called the DNS software in the presence of high-risk vulnerabilities, an attacker can guess the message sequence number DNS parsing process to fabricate the DNS authority server response, so as to achieve the "pollution" cache (Cache) in the record the purpose is pointing to the wrong domain name information into DNS servers, resulting in contamination of the DNS server will provide analytical results wrong. This attack can result in domain name hijacking attacks, making the public through the domain name to the hacker to visit the designated website, facing a series of serious security threats such as phishing and web trojans.