BIND Warns of Bugs that Could Bring DNS Cache Attack Back from the Dead
The developers of BIND, a widely used DNS software package, have recently disclosed several vulnerabilities that could revive DNS cache poisoning attacks. One of the vulnerabilities, CVE-2025-40778, is particularly concerning because it allows an attacker to predict the source port and query ID that BIND will use, making it possible to trick the software into caching attacker-supplied responses.
Understanding the Vulnerabilities
CVE-2025-40778 raises the possibility of reviving cache poisoning attacks, in which an attacker injects forged data into the resolver's cache and thereby affects how future queries are resolved. However, the resulting fallout would be significantly more limited than previously envisioned, as authoritative servers themselves are not vulnerable.
Additionally, various cache poisoning countermeasures remain intact, including DNSSEC, a protection that requires DNS records to be digitally signed. Other measures, such as rate limiting and server firewalling, are also considered best practices. As noted by Red Hat, these countermeasures help to mitigate the potential impact of the vulnerabilities.
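One way to confirm that the DNSSEC countermeasure mentioned above is actually active on a resolver, as an added example that is not from the article, ISC or Red Hat: it classifies the header lines of two `dig` lookups, one for a correctly signed zone and one for a zone with deliberately invalid signatures. The zone names, sample outputs and function names are constructed for illustration.

```python
import re

# Constructed dig output (header lines only) from a hypothetical resolver.
# "signed.example" stands for a correctly signed zone, "broken.example"
# for a zone whose signatures are deliberately invalid.
SIGNED_OK = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4821
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
"""
SIGNED_NO_AD = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4822
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
"""
BROKEN_SERVFAIL = """\
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 9110
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
"""
BROKEN_ANSWERED = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9111
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
"""

def parse_header(dig_text):
    """Return (status, set_of_flags) from dig's header lines."""
    status = re.search(r"status: (\w+)", dig_text)
    flags = re.search(r"^;; flags: ([a-z ]*);", dig_text, re.M)
    if not status or not flags:
        raise ValueError("not a dig response header")
    return status.group(1), set(flags.group(1).split())

def dnssec_verdict(signed_out, broken_out):
    """Classify a resolver from two lookups: a signed zone, a broken zone."""
    s_status, s_flags = parse_header(signed_out)
    b_status, _ = parse_header(broken_out)
    if b_status == "NOERROR":
        # The resolver answered for a zone with invalid signatures.
        return "not validating"
    if s_status == "NOERROR" and "ad" in s_flags and b_status == "SERVFAIL":
        return "validating"
    # e.g. SERVFAIL on the broken zone but no AD bit on the signed one.
    return "inconclusive"

if __name__ == "__main__":
    print(dnssec_verdict(SIGNED_OK, BROKEN_SERVFAIL))
    print(dnssec_verdict(SIGNED_NO_AD, BROKEN_ANSWERED))
```

A "validating" result only covers signed zones; records from unsigned zones get no protection from DNSSEC, so patching remains necessary.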
Assessing the Risk
While the vulnerabilities are considered important rather than critical, they still have the potential to cause harm in some organizations. Exploitation is non-trivial and requires network-level spoofing and precise timing, but it’s still possible for an attacker to inject forged data into the cache. As such, patches for all three vulnerabilities should be installed as soon as practicable.
Red Hat has provided further information on the vulnerabilities, including CVE-2025-40780, which is considered important rather than critical. The company notes that the impact is limited because the vulnerability affects only cache integrity and does not lead to server compromise.
In conclusion, the recent disclosure of vulnerabilities in BIND serves as a reminder of the importance of keeping software up to date and implementing best practices to mitigate potential security risks. For more information on the vulnerabilities and how to protect against them, readers can visit the Red Hat security advisory.