DNSpooq Flaws Expose Millions of Devices to DNS Cache Poisoning, Other Attacks>
Sec – Eduard Kovacs
Researchers at Israel-based boutique cybersecurity consultancy JSOF this week disclosed the details of seven potentially serious DNS-related vulnerabilities that could expose millions of devices to various types of attacks.

The vulnerabilities, collectively tracked as DNSpooq, impact Dnsmasq, a widely used piece of open source software designed to provide DNS, DHCP, router advertisement and network boot capabilities for small networks. Its DNS subsystem âprovides a local DNS server for the network, with forwarding of all query types to upstream recursive DNS servers and caching of common record types.â

The software is mainly written and maintained by Simon Kelley, who has informed users about the availability of patches. The vulnerability disclosure process began in August 2020 and several impacted vendors told customers that they are working on address the issues. There are two types of DNSpooq vulnerabilities: buffer overflow bugs that can lead to remote code execution and DoS attacks (tracked as CVE-2020-25681, CVE-2020-25682, CVE-2020-25683 and CVE-2020-25687); and DNS response validation issues that can be exploited for DNS cache poisoning (tracked as CVE-2020-25684, CVE-2020-25685 and CVE-2020-25686).
Link: https://www.securityweek.com/dnspooq-flaws-expose-millions-devices-dns-cache-poisoning-other-attacks