Experts Insight On Latest Flaw Within DNSpooq

It has been reported that Israel-based security consultancy firm JSOF disclosed today seven Dnsmasq vulnerabilities, collectively known as DNSpooq, that can be exploited to launch DNS cache poisoning, remote code execution, and denial-of-service attacks against millions of affected devices. Dnsmasq is open-source DNS forwarding software with DNS caching and DHCP server capabilities. It is used by a number of companies, including Android/Google, Comcast, Cisco, Red Hat, Netgear, Qualcomm, Linksys, IBM, D-Link, Dell, Huawei, and Ubiquiti.

Experts Comments

January 20, 2021
Javvad Malik
Security Awareness Advocate
KnowBe4

These are interesting attacks and while each on their own is limited, when combined together they can pose a high risk to devices running older versions of Dnsmasq.

Additionally, these attacks can be chained together if internal devices have already been compromised on the network.

Therefore, it's important that organisations prioritise the patches for Dnsmasq where possible. The challenge however for many organisations will be where devices running Dnsmasq cannot be updated directly and so they will be reliant on each device manufacturer to independently provide an update.

It highlights some of the ongoing challenges with patching that organisations face and why unpatched software remains a popular attack method for criminals.
