« Microsoft Windows Shell Command Injection - MS12-048 (CVE-2012-0175) | Main | F4F Technology Helps You Analyze Applications For Security »

July 24, 2012

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d835130c5153ef017616aa9a58970c

Listed below are links to weblogs that reference Android DNS Poisoning: Randomness gone bad (CVE-2012-2808):

Comments

Lisa Peterson

Great Work! Clear and well documented... and No secret selling of '0 Days'!!

Mike

Very nice. Interesting read.
:)

otmar

Nice research and good that it's been fixed.

But I really don't see how this can be exploted in the real world.

(open wlans or recursors owned by the attacker don't need this. I don't know where else an attacker out there should see a dns packet originating from the Android device.)

Roee Hay

@otmar
Thanks for the feedback!:)

One example for an attack is closed wifi, to which the attacker has access (our PoC video demonstrates just that)

Mobile data networks are also attractive.

In either case, the attacker must be able to send spoofed DNS packets to the victim.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Follow us on Twitter

AppScan Free Trial


Try IBM Security AppScan software at no charge.

Become a Fan