New SAD DNS Attack Variant to Substitute Fake Data in the DNS Cache
A team of researchers from the University of California, Riverside has published a new variant of the SAD DNS attack (CVE-2021-20322) that works despite protections added last year to block the CVE-2020-25705 vulnerability. The new method is generally similar to last year's vulnerability and differs only in the use of a different type of ICMP packets to check active UDP ports. The proposed attack allows for the substitution of fictitious data into the DNS server cache, which […]