A group of vulnerabilities in the popular DNSMasq software used for domain name system (DNS) caching and IP address assignment could allow an attacker to reroute network traffic or use nearly 1 million open forwarders on the Internet for denial-of-service (DoS) attacks.
The vulnerabilities — found by Israeli security services firm JSOF and confirmed by large technology firms including Google and Red Hat — include three vulnerabilities that allow DNS cache poisoning and four buffer-overflow vulnerabilities. Dubbed DNSpooq, the vulnerabilities could redirect people using the vulnerable DNS forwarding service, referred to as DNS cache poisoning, or be used to take over the device, JSOF stated in an advisory.
While a DoS attack or device takeover could happen, DNS cache poisoning could also be used for fraud, says Shlomi Oberman, CEO at JSOF.
“If you browse to one…