Dan Kaminsky Breaks DNS - Details at Black Hat Vegas ‘08

Posted by Nathan McFeters on ZDNet yesterday @ 2:59 pm

It would seem there’s a bigger story to that MS08-037 flaw that came out for Patch Tuesday today.

From Dave Lewis over at the Liquid Matrix security blog:

Today Dan Kaminsky released a first, as far as I can recall. A coordinated patch was released today by Dan Kaminsky of IOActive that fixes a vulnerability that apparently exists in all DNS servers.

Unlike other researchers who give up the gory details, Kaminsky took a wiser path by smiling and nodding. He’ll give up the goods at Black Hat in August. That should give folks enough time to patch their systems.

From CNET:

Toward addressing the flaw, Kaminsky said the researchers decided to conduct a synchronized, multivendor release and as part of that, Microsoft in its July Patch Tuesday released MS08-037. Cisco, Sun, and BIND are also expected to roll out patches later on Tuesday.

As part of the coordinated release, Art Manion of CERT said vendors with DNS servers have been contacted, and there’s a longer list of additional vendors that have DNS clients. That list includes AT&T, Akamai, Juniper Networks, Inc., Netgear, Nortel, and ZyXEL. Not all of the DNS client vendors have announced patches or updates. Manion also confirmed that other nations with CERTs have also been informed of this vulnerability.

The Liquid Matrix guys also mention that Rich Mogull has more details on the flaw over at the Securosis blog, and that Thomas Ptacek, of the Matasano crew, has some doubts about this flaw, as seen on Twitter. Mogull calls the issue a “major issue in DNS that could allow attackers to easily compromise any name server (it also affects clients).” Mogull further goes on to say:

The issue is extremely serious, and all name servers should be patched as soon as possible. Updates are also being released for a variety of other platforms since this is a problem with the DNS protocol itself, not a specific implementation. The good news is this is a really strange situation where the fix does not immediately reveal the vulnerability and reverse engineering isn’t directly possible.

Download the Executive Overview here.
