[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: US-CERT Vulnerability Note VU#800113

Subject: Re: US-CERT Vulnerability Note VU#800113
From: email@hidden
Date: Fri, 25 Jul 2008 10:26:43 -0400
Delivered-to: email@hidden
Delivered-to: email@hidden

Dave:

This is based on many details from several sites, but the actual details 
have yet to be released by Dan. 

Essentially if a user makes a DNS request to a DNS server the attacker can 
respond to the user with a bogus IP address. What happens after that is 
dependant on what the attacker is trying to do.

They could run malicious code and try to pwn the box.
They could run a phishing scam and just try to steal login credentials 
from users
They might have a fake Apple Update Service server running that hosts a 
bogus patch
etc...

The point is the users would be going to the wrong IP address.

Charles Profitt
Sr. Network Technician
BrainBench Certified - (Master)Microsoft Security | (Master)Storage Area 
Networks Concepts | (Master)Microsoft Vista Desktop Administration | 
(Master)Macintosh OS X 10.4 Desktop Administration
75 Barker Road
Pittsford, NY 14534

Important Notice: 
This communication, including any attachments, is intended only for the 
use of the individual(s) or entity(s) to which it is addressed and may 
contain information that is privileged, confidential and exempt from 
disclosure under applicable law. If the reader of this communication is 
not the intended recipient, you are hereby notified that any 
dissemination, distribution or reproduction of any part of this 
communication in any format is strictly prohibited. If you have received 
this communication in error, please notify us immediately by replying to 
this communication and deleting the original and any automatically 
generated copies. Thank-you for your co-operation.

Ian Meyer <email@hidden> 
07/25/2008 10:22 AM

To
Dave Pooser <email@hidden>
cc
<email@hidden>, OS X server list 
<email@hidden>
Subject
Re: US-CERT Vulnerability Note VU#800113

Nope, that's why I entrust DNS to folks smarter than me.

;)

On Jul 25, 2008, at 10:02 AM, Dave Pooser wrote:

> So: One user, one URL, and you've been pwned, even if your users 
> never click
> on a fake bankofamerica.com link, even if they use their own trusted
> bookmarks, even if they type the URL in to their browser manually. 
> Nervous
> yet?

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

Follow-Ups:
- Re: US-CERT Vulnerability Note VU#800113
  - From: Dave Pooser <email@hidden>

References:
	>Re: US-CERT Vulnerability Note VU#800113 (From: Dave Pooser <email@hidden>)
	>Re: US-CERT Vulnerability Note VU#800113 (From: Ian Meyer <email@hidden>)

Prev by Date: Re: PHP security ( suPHP equivalent )
Next by Date: Re: US-CERT Vulnerability Note VU#800113
Previous by thread: Re: US-CERT Vulnerability Note VU#800113
Next by thread: Re: US-CERT Vulnerability Note VU#800113
Index(es):
- Date
- Thread

Home