Today we release an important security update for the DNS and DHCP server dnsmasq working at the very heart of pihole-FTL. As usual, we want to ship security fixes as soon as possible. It is not yet clear when the major distributions will receive the new version and whether the fixes will be backported into older OS releases at all. In this blog post, we provide a small write-up of the technical details for those who are interested. If not, you can simply update your Pi-hole using pihole -up to immediately receive and automatically apply the new security fixes without having to read anything here.

The JSOF research lab found that dnsmasq is vulnerable to a DNS cache poisoning attack by an off-path attacker (i.e., an attacker that does not observe the communication between the DNS forwarder and the DNS server). Their attack allowed for the poisoning of multiple domain names at once and is a result of several vulnerabilities found. The importance of this vulnerability is underlined by their demonstration of being able to complete such an attack successfully within only seconds (up to only a few minutes) without any special requirements on the configuration of the server. The attack is possible directly from the Internet and affects about 1 million (!) open dnsmasq instances. This is again the point where we should stress that running an open resolver is a really bad idea and that accessing your Pi-hole over an encrypted channel (such as a Wireguard VPN) is fairly easy to set up and gives you a lot of extra benefits.

In addition to the cache poisoning attack, the JSOF research lab found a critical heap-buffer overflow vulnerability that could potentially lead to remote code execution. As the vulnerability resides in the early stages of DNSSEC validation, DNSSEC’s defense against DNS attacks is rendered ineffective. As Pi-hole always takes security very seriously, we have a few countermeasures always in place to mitigate such vulnerabilities.
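To check whether your own Pi-hole answers recursive queries from outside your network (the open-resolver condition warned about above), the following added example, which is not part of the original post or of Pi-hole's code, sends one recursive query and classifies the reply. The function names and the sample reply headers are constructed for illustration; run it from a host outside your LAN against your own public address.

```python
import os
import socket
import struct
import sys

def build_query(name, txid, qtype=1):
    """Encode a minimal DNS query (default type A, class IN) with RD set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def classify_reply(reply, txid):
    """Return 'open', 'refused', 'closed' or 'malformed' for a reply to build_query()."""
    if len(reply) < 12:
        return "malformed"
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != txid or not flags & 0x8000:      # wrong ID or not a response
        return "malformed"
    rcode = flags & 0x000F
    if rcode == 5:                             # REFUSED: recursion denied to this client
        return "refused"
    if flags & 0x0080 and rcode in (0, 3):     # RA set and NOERROR/NXDOMAIN: it recursed for us
        return "open"
    return "closed"

def probe(server, name="example.com", port=53, timeout=3.0):
    """Send one recursive query over UDP and classify what comes back."""
    txid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name, txid), (server, port))
        try:
            reply, _ = sock.recvfrom(4096)
        except socket.timeout:
            return "no-reply"                  # filtered or not listening: the desired result
    return classify_reply(reply, txid)

# Constructed sample reply headers (transaction ID 0x1234), not captured traffic.
SAMPLE_OPEN = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)     # QR+RD+RA, NOERROR
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8105, 1, 0, 0, 0)  # QR+RD, REFUSED

if __name__ == "__main__":
    # Usage: python3 check_open_resolver.py <your-public-IP>
    print(probe(sys.argv[1]))
```

A result of "open" from an Internet host means port 53 is reachable and recursion is allowed for outside clients; "no-reply" or "refused" is what a Pi-hole reachable only from the LAN or a VPN should produce.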
In September 2020, the JSOF Research Lab discovered seven security vulnerabilities in dnsmasq. They named the set of vulnerabilities dnspooq. We’ve been in contact with them and, over the last couple of weeks, we’ve partnered and worked closely with Cisco, Red Hat, and Simon Kelley (the maintainer of dnsmasq) to fix the discovered vulnerabilities. It was agreed to keep the discovered vulnerabilities private until fixes are published, to allow our users adequate time to test and install updates before exploits are easily available.