HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 26 guests and 2 members online
EH-Net Donations

Enter Amount:
$
Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Malwarearrow Attack Code Published For Big DNS Flaw
Ethical Hacker Community Forums
January 08, 2009, 09:00:09 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: ChicagoCon 2009 - May 4 - 9. Boot Camps & an Ethical Hacking Conf. www.chicagocon.com
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Attack Code Published For Big DNS Flaw  (Read 1178 times)
0 Members and 1 Guest are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 2435


Editor-In-Chief


View Profile WWW
« on: July 24, 2008, 02:02:53 PM »
Larry Seltzer reports on his PC Mag Security Blog:

Quote

It was just a matter of time after the premature release of details on the attack: attack code for the big DNS vulnerability patched in many products earlier this month has been released.

The exploit code allows for the insertion of malicious records into the cache of targeted DNS servers. It has been posted to Metasploit whose creator, HD Moore, wrote the exploit with a researcher named "|)ruid " from the Computer Academic Underground.

If you're responsible for a DNS server—not just Windows, but all the major ones—and have not applied this patch, you and your users are at great risk. Patch now.


http://blogs.pcmag.com/securitywatch/2008/07/attack_code_published_for_big.php

Don
Logged
CISSP, MCSE, CEH, Security+ SME
apollo
Jr. Member
**
Offline Offline

Posts: 51


View Profile WWW
« Reply #1 on: July 24, 2008, 09:52:00 PM »
The module is already in the subversion tree for metasploit.  There are 2 modules, one for hosts, one for domains.  If you want to just check to see if you are vulnerable, the module has been coded with the check command to test without exploiting.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2007, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.069 seconds with 23 queries.
 
Sponsors

cwnp_moto__120x90.gif

Polls
How many security events including conferences and training do you attend a year:
 
Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2009 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.