Cache poisoning vulnerabilities found in 2 DNS resolving apps
At least one CVE could weaken defenses put in place following 2008 disclosure.
cryptocurrency The makers of BIND, the Internet’s most widely used software for resolving domain names, are warning of two vulnerabilities that allow attackers to poison entire caches of results and send users to malicious destinations that are indistinguishable from the real ones.
The vulnerabilities, tracked as CVE-2025-40778 and CVE-2025-40780, stem from a logic error and a weakness in generating pseudo-random numbers, respectively. They each carry a severity rating of 8.6. Separately, makers of the Domain Name System resolver software Unbound warned of similar vulnerabilities that were reported by the same researchers. The unbound vulnerability severity score is 5.6
Cache poisoning vulnerabilities found in 2 DNS resolving apps The vulnerabilities can be exploited to cause DNS resolvers located inside thousands of organizations to replace valid results for domain lookups with corrupted ones. The corrupted results would replace the IP addresses controlled by the domain name operator (for instance, 3.15.119.63 for arstechnica.com) with malicious ones controlled by the attacker. Patches for all three vulnerabilities became available on Wednesday.
]]>
Tags:
Related Posts
Discover the Best Fitness Trackers of 2023 for You
Choosing a fitness tracker doesn't have to be overwhelming. Let's explore the top options for 2023 and find the perfect fit for your lifestyle!
Tune Out the Chaos: Top Noise-Canceling Earbuds for You
Struggling to concentrate during workouts or commutes? Discover the best noise-canceling earbuds that keep distractions at bay and your focus sharp!
Find the Best Fitness Tracker for Your Unique Style
Choosing a fitness tracker can be tricky! Discover the best options for every workout style and get the most out of your fitness journey.
Find Your Perfect Fitness Tracker: The 2023 Guide
Searching for the right fitness tracker? Discover our friendly guide that compares the best options for every workout style in 2023!
Find Your Perfect Fitness Tracker for 2023
Choosing the right fitness tracker can be tough! Join us as we compare the best options of 2023 to keep you motivated and on track with your health goals.
Your Smart Home Needs This: A Simple Guide to IoT Security
Ready to secure your smart home? Discover easy IoT security tips to protect your devices and enjoy a safer, smarter living space.