Cache poisoning vulnerability found in BIND
Posted Jul 26, 2007 3:30 UTC (Thu) by smoogen
Parent article: Cache poisoning vulnerability found in BIND
I am not sure about the random source port for UDP transactions.. would it not require intervening firewalls to have a connection tracker that did DNS, and would need to be able to decode the UDP port coming back so that they were part of the transaction?
I would agree that either this attack or something similar might have been in use for a while. Looking over DNS traffic to our university servers.. there has been some stuff that has got the back of the head going.. hmmm.