MaginotDNS attacks exploit weak checks for DNS cache poisoning


A team of researchers from UC Irvine and Tsinghua University has developed a new powerful cache poisoning attack named ‘MaginotDNS,’ that targets Conditional DNS (CDNS) resolvers and can compromise entire TLDs top-level domains.

The attack is made possible thanks to inconsistencies in implementing security checks in different DNS software and server modes (recursive resolvers and forwarders), leaving roughly one-third of all CDNS servers vulnerable.

The researchers presented the attack and paper earlier this week at Black Hat 2023, reporting that the identified problems have now been remediated at the software level.

Read more…