Caching bugs exposed in second biggest DNS server

Fri, Feb 27th, 2009

For years, cryptographer Daniel J. Bernstein has touted his djbdns as so secure he promised a $1,000 bounty to anyone who can poke holes in the domain name resolution software.

Now it could be time to pay up, as researchers said they've uncovered several vulnerabilities in the package that could lead end users to fraudulent addresses under the control of attackers.

djbdns is believed to be the second most popular DNS program, behind Bind. The bugs show that even the most secure DNS packages are susceptible to attacks that could visit chaos on those who use them.

One of the bugs, disclosed last week by researcher Kevin Day, exploits a known vulnerability in the DNS system that allows attackers to poison domain name system caches by flooding a server with multiple requests for the same address.

It was discovered in 2002 and applies a much older probability theory known as the Birthday Paradox. This holds that for a group of 23 randomly chosen people, there is a better than 50-per-cent probability that some pair will have been born on the same day and a better than 99-per-cent chance if the group is expanded to 57 people.

Share with friends if you like this page:
No comments yet.