Experts Insight On Latest Flaw Within DNSpooq

By   ISBuzz Team
Writer , Information Security Buzz | Jan 20, 2021 04:06 am PST

It has been reported that Israel-based security consultancy firm JSOF disclosed today seven Dnsmasq vulnerabilities, collectively known as DNSpooq, that can be exploited to launch DNS cache poisoning, remote code execution, and denial-of-service attacks against millions of affected devices. What is Dnsmasq, it is an open-sourced DNS forwarding software with DNS caching and DHCP server capabilities. It is used by a number of companies including Android/Google, Comcast, Cisco, Redhat, Netgear, Qualcomm, Linksys, Netgear, IBM, D-Link, Dell, Huawei, and Ubiquiti.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Javvad Malik
Javvad Malik , Security Awareness Advocate
January 20, 2021 12:19 pm

<p>These are interesting attacks and while each on their own is limited, when combined together they can pose a high risk to devices running over versions of Dnsmasq. </p> <p> </p> <p>Additionally, these attacks can be chained together if internal devices have already been compromised on the network.</p> <p> </p> <p>Therefore, it\’s important that organisations prioritise the patches for Dnsmasq where possible. The challenge however for many organisations will be where devices running Dnsmasq cannot be updated directly and so they will be reliant on each device manufacturer to independently provide an update. </p> <p> </p> <p>It highlights some of the ongoing challenges with patching that organisations face and why unpatched software remains a popular attack method for criminals.</p>

Last edited 3 years ago by Javvad Malik

Recent Posts

Would love your thoughts, please comment.x