Kaminsky explained to a crowd at the Blackhat conference in Las Vegas that the flaw he uncovered could be used for attacks far more complex and sinister than just phishing operations.
The researcher began his presentation with an update on the patching operation. He noted that hundreds of millions of users have been protected through updates by vendors and ISPs, and the majority of Fortune 500 companies had deployed patches for their servers as well
The vulnerability centers around the way the domain name system looks up information linking URLs to IP addresses. In short, the flaw allows an attacker to "poison" a given DNS server and redirect traffic to the malicious site.
The vulnerability has mostly been discussed for its possible use in phishing attacks. However, Kaminsky warned that it could also be used to compromise mail servers, allowing the attacker to intercept and redirect messages.
Kaminsky also admitted that the suggested solution to the problem, randomizing the source port, may not be a permanent solution. He said that the solution is more of a "stopgap" to stave off attacks until a better defense system can be developed.
He also warned that the DNS flaw could be the first of many potentially catastrophic flaws found in coming years, as more commonly used services and systems are probed for fundamental weaknesses.
"Even with DNS fixed, there are other scenarios in which unencrypted IP traffic is lost to an attacker," Kaminsky noted in the presentation.
"The attacker is capable of way more than he should be."
Kaminsky delivers DNS dirt
By Shaun Nichols on Aug 8, 2008 12:34PM