Years old DNS Bug can be used to spread Malware across World Wide Web

Old is gold for sure but in this case old is bad and bold

Google’s security researcher Dan Kaminsky along with Redhat Linux has identified a flaw in “glibc” also known as the Gnu C standard library. This flaw isn’t a new one as Kaminsky reported that it has “been around for quite some time,” approx. 8 years since the first time it was discovered in May 2008.

This bug CVE-2015-7547 is found in the DNS (Doman Name Service) of the Internet and can be easily exploited to spread malware in every nook and corner of the world. The nature of this bug is so serious that Kaminsky has called it a “solid critical vulnerability by any normal standard.”

The bug was first discovered in 2008, that means it’s an 8-year-old bug

Kaminsky states that this flaw tricks browsers into searching for shady domains after which servers would reply with excessively lengthy DNS names. This causes a buffer overflow in the software of the victim’s computer. Evidently, the bug is very dangerous as it can fully control the victim’s computer and let a hacker exploit it remotely. Kaminsky further says that the bug has “really worked its way across the globe.”

Surprisingly, the bug cannot attack Android devices but otherwise, it seems to be quite similar to bugs like Heartbleed as far as the extensiveness of range is concerned. In fact, Kaminsky believes that it can leave behind all its predecessors in scope and range of attack. The latest hole in the Gnu DNS libraries was coded only a few months after he corrected the flaws identified in 2008 in DNS, claims Kaminsky.

One aspect isn’t yet clear if the code can be remotely executed and exploited in the wild or not.

Redhat conducted a back of the envelope analysis, which revealed that:

“It is possible to write correctly formed DNS responses with attacker controlled payloads that will penetrate a DNS cache hierarchy and, therefore, allow attackers to exploit machines behind such caches.”

As of now, the bug is capable of making servers vulnerable to MiTM (man in the middle) attacks if only the hackers could gain access to specific servers.

This is not the first time when an old flaw has threatened the Internet users. Last year, a researcher discovered 18-year-old bug allowing attackers to steal data from all versions of Windows OS.

Related Posts