Top DNS service may be suffering from some serious security flaws
Seven vulnerabilities have been identified in total
An Israeli cybersecurity firm has discovered some serious security flaws affecting a piece of popular Domain Name System (DNS) software. Jerusalem-based JSOF has disclosed seven vulnerabilities affecting dnsmasq, an open-source DNS forwarding program, that the firm has collectively called DNSpooq.
“The Dnspooq vulnerabilities include DNS cache poisoning vulnerabilities as well as a potential remote code execution and others,” the JSOF report read. “The list of devices using dnsmasq is long and varied. According to our internet-based research, prominent users of dnsmasq seem to include Cisco routers, Android phones, Aruba devices, Technicolor, and Red-Hat, as well as Siemens, Ubiquiti networks, Comcast, and others.”
According to JSOF, the security flaws can be used to implement DNS cache poisoning, remote code execution, and denial-of-service attacks against a huge number of affected devices.
- Check out our roundup of the best endpoint protection software
- Keep your devices virus-free with the best malware removal software
- We've also put together a list of the best identity theft protection services available
Seven deadly security bugs
Breaking down the seven security bugs, three can be used to launch DNS cache poisoning. This would allow attackers to replace legitimate DNS records with false information so that DNS queries directed users to the wrong websites – usually malicious ones. Once on the spoof website, victims may be subjected to phishing attempts, credential theft, or malware attacks.
The other four DNS vulnerabilities are buffer overflow flows, which could allow attackers to execute code remotely on vulnerable network equipment. JSOF has identified a number of vendors that use the dnsmasq software and the degree to which their devices remain vulnerable to the exploits discovered depends on how the software is employed.
In order to mitigate against the discovered threats, JSOF advises that users of dnsmasq software update to the latest version immediately. In addition, the firm has also listed a number of workarounds as a temporary fix.
- We've also highlighted the best disaster recovery services
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.