Updated: Symantec fixes DNS cache poisoning flaw

Bill Brenner

Symantec has issued a fix for a DNS cache poisoning vulnerability in its Enterprise Firewall and Gateway Security software and VelociRaptor operating system.

IT security firm Secunia, which first reported the flaw Friday, issued an updated advisory

    Requires Free Membership to View

this morning that notes the hotfix Symantec has made available. Symantec issued its own advisory last night directing users to its support site for the appropriate hotfix.

Secunia, based in Copenhagen, Denmark, called the vulnerability "moderately critical."

"If a DNS cache is poisoned, one can no longer trust any Web site or host based on its domain name," Thomas Kristensen, Secunia's chief technology officer, said in an e-mailed statement. He added the problem "is an issue for system administrators, not normal private users."

When acting as a caching DNS server, the integrated DNS proxy reportedly trusts any answer received from a DNS server without checking that it actually corresponds to a query or is valid, Kristensen wrote. This can be exploited to insert fake information in the DNS cache, which can be used to direct users to malicious Web sites or just prevent them from accessing certain Web sites.

Symantec, of Cupertino, Calif., said in its advisory that the flaw affects the following products:

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: