Top DNS service may be suffering from some serious security flaws

Open padlock on laptop
(Image credit: Future)

An Israeli cybersecurity firm has discovered some serious security flaws affecting a piece of popular Domain Name System (DNS) software. Jerusalem-based JSOF has disclosed seven vulnerabilities affecting dnsmasq, an open-source DNS forwarding program, that the firm has collectively called DNSpooq.

“The Dnspooq vulnerabilities include DNS cache poisoning vulnerabilities as well as a potential remote code execution and others,” the JSOF report read. “The list of devices using dnsmasq is long and varied. According to our internet-based research, prominent users of dnsmasq seem to include Cisco routers, Android phones, Aruba devices, Technicolor, and Red-Hat, as well as Siemens, Ubiquiti networks, Comcast, and others.”

According to JSOF, the security flaws can be used to implement DNS cache poisoning, remote code execution, and denial-of-service attacks against a huge number of affected devices.

Seven deadly security bugs

Breaking down the seven security bugs, three can be used to launch DNS cache poisoning. This would allow attackers to replace legitimate DNS records with false information so that DNS queries directed users to the wrong websites – usually malicious ones. Once on the spoof website, victims may be subjected to phishing attempts, credential theft, or malware attacks.

The other four DNS vulnerabilities are buffer overflow flows, which could allow attackers to execute code remotely on vulnerable network equipment. JSOF has identified a number of vendors that use the dnsmasq software and the degree to which their devices remain vulnerable to the exploits discovered depends on how the software is employed.

In order to mitigate against the discovered threats, JSOF advises that users of dnsmasq software update to the latest version immediately. In addition, the firm has also listed a number of workarounds as a temporary fix.

Via Bleeping Computer

TOPICS
Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things. 

Latest in Security
person at a computer
Many workers are overconfident at spotting phishing attacks
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Latest in News
An image of the Samsung Galaxy S25 Ultra from a hands-on event
Samsung's latest software upgrade could mean Galaxy phones beat iPhones for gaming – but you can't get it yet
person at a computer
Many workers are overconfident at spotting phishing attacks
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)