Apple patches for DNS flaw

After waiting since the beginning of July, Apple has put out a patch for the DNS cache poisoning flaw discovered by security researcher Dan Kaminsky. The patch fixes Apple's version of the Berkeley Internet Name Domain (BIND) DNS server in Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.4 and Mac OS X Server v10.5.4. The Berkeley Internet Name Domain (BIND) server, which provides translation between host names and IP addresses, is distributed with Mac OS X, and is not enabled by default.

According to the statement that accompanied the patch, “A weakness in the DNS protocol may allow remote attackers to perform DNS cache poisoning attacks. As a result, systems that rely on the BIND server for DNS may receive forged information.” The update implements greater source port randomization.

Cisco, Microsoft, Sun Microsystems and many Linux versions put out a fix for the flaw on July 8, when it was first disclosed. Apple had taken some heat when it did not release its patch then, too.
Andrew Storms, director of security operations for nCircle, said in a blog post that some of the patches for components in Apple's systems are incomplete. “For Apple, it matters most that they patch the client libraries since there are so few OS X recursive servers in use,” he wrote in the blog post. “The client libraries on my OS X 10.4.11 system, post patch install, still does not randomize the source port...despite this update, it appears that the client libraries still aren't patched.”

In addition to the DNS fix, Apple shored up some 16 other vulnerabilities in Mac OS X.
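A check in the spirit of Storms' observation, added here as an example and not taken from the article, Apple or nCircle: given the UDP source ports seen on consecutive outbound DNS queries from one host (for instance, read out of a packet capture taken after patching), it classifies them as fixed, sequential, narrow or randomized. The function name, the thresholds and the port lists are assumptions constructed for illustration.

```python
import statistics

# Constructed samples: UDP source ports of consecutive outbound DNS queries.
FIXED = [53] * 8
SEQUENTIAL = [49152, 49153, 49154, 49155, 49157, 49158, 49159, 49160]
NARROW = [1030, 1100, 1041, 1200, 1075, 1150, 1026, 1180]
RANDOMIZED = [51234, 10277, 33801, 60412, 2093, 45110, 18765, 27940]


def assess_source_ports(ports, min_stdev=3000.0, max_step=16):
    """Classify the source ports a host used for consecutive DNS queries.

    min_stdev and max_step are assumed thresholds for this example,
    not published values.
    """
    if len(ports) < 5:
        raise ValueError("need at least 5 observed queries")
    if any(not 0 < p < 65536 for p in ports):
        raise ValueError("port outside 1..65535")

    distinct = len(set(ports))
    # Step between consecutive queries, modulo the 16-bit port space.
    steps = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    small_steps = sum(1 for s in steps if 0 < s <= max_step)
    stdev = statistics.pstdev(ports)

    if distinct == 1:
        verdict = "fixed"        # every query leaves from the same port
    elif small_steps / len(steps) >= 0.8:
        verdict = "sequential"   # port counts upward, next value is guessable
    elif stdev < min_stdev:
        verdict = "narrow"       # varies, but inside a small window
    else:
        verdict = "randomized"   # spread across the port space
    return {"distinct": distinct, "stdev": round(stdev, 1), "verdict": verdict}


if __name__ == "__main__":
    samples = {"fixed": FIXED, "sequential": SEQUENTIAL,
               "narrow": NARROW, "randomized": RANDOMIZED}
    for name, sample in samples.items():
        print(name, assess_source_ports(sample))
```

A small sample can only show that ports are clearly not randomized; a "randomized" verdict on eight queries is weak evidence and should be repeated over a larger capture.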