CVE-2012-2808
CVSS 5.0
Published: 2015-04-01 06:59:00
Last revised: 2015-04-01 11:56:47

[Original] The PRNG implementation in the DNS resolver in Bionic in Android before 4.1.1 incorrectly uses time and PID information during the generation of random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2015-0800.


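[CNNVD] Open Handset Alliance Android Remote DNS Cache Poisoning Vulnerability (CNNVD-201207-436)

        Android is a project initiated by Google through the Open Handset Alliance to provide a complete software stack for mobile devices, including an operating system, middleware, and more.
        Open Handset Alliance Android contains a remote DNS cache poisoning vulnerability. An attacker can exploit it to divert data from a legitimate website to an attacker-specified site; successful exploitation poisons the cache and allows stealing the victim's cookies or impersonating the site, and other attacks may also be possible. Android 4.0.4 and earlier are vulnerable.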

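- CVSS (Base Score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: NONE [no impact on system integrity]
Availability impact: NONE [no impact on system availability]
Attack complexity: LOW [no access restrictions for exploitation]
Attack vector: NETWORK [the attacker does not need internal-network or local access]
Authentication: NONE [no authentication required for exploitation]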

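- CPE (Affected Platforms and Products)

Product and version information (CPE) is not yet available

- OVAL (Technical Details for Detection)

No related OVAL definitions found

- Official Database Links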

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2808
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2808
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201207-436
(Official data source) CNNVD

- Other Links and Resources

http://www.mozilla.org/security/announce/2015/mfsa2015-41.html
(VENDOR_ADVISORY)  MISC  http://www.mozilla.org/security/announce/2015/mfsa2015-41.html
http://blog.watchfire.com/files/androiddnsweakprng.pdf
(UNKNOWN)  MISC  http://blog.watchfire.com/files/androiddnsweakprng.pdf

- Vulnerability Information

Open Handset Alliance Android Remote DNS Cache Poisoning Vulnerability
2012-07-26 00:00:00 2012-07-26 00:00:00
Remote

- Advisories and Patches

        The vendor has released an upgrade patch that fixes this security issue. Patch link:
        http://www.openhandsetalliance.com/android_overview.html

- Vulnerability Information (F114972)

Android 4.0.4 DNS Poisoning (PacketStormID:F114972)
2012-07-24 00:00:00
Roee Hay  
advisory
CVE-2012-2808

Android versions 4.0.4 and below suffer from a DNS poisoning vulnerability.

1 Introduction
===========
Recently we discovered a very interesting vulnerability in Android    

- Vulnerability Information

88086
Google Android res_randomid() Function DNS Cache Poisoning Weakness
Mobile Phone / Hand-held Device Cryptographic
Loss of Integrity Upgrade
Exploit Unknown Vendor Verified

- Vulnerability Description

Google Android is vulnerable to a DNS cache poisoning weakness that is triggered when the wrapper fails to randomly acquire a port with its own DNS port implementation. After failing to do so ten times, it will authorize the use of the res_randomid() function of res_init.c to complete the task. This function draws the port from a predictable set of numbers, which may make it easier for a remote attacker to poison the DNS cache of a target user.

- Timeline

2012-07-24 Unknown
Unknown Unknown

- Solution

It has been reported that this issue has been fixed. Upgrade to version 4.1.1, or higher, to address this vulnerability.

- Related References

- Vulnerability Credit

Unknown or Incomplete

- Vulnerability Information

Open Handset Alliance Android Remote DNS Cache Poisoning Vulnerability
Design Error 54657
Yes No
2012-07-24 12:00:00 2012-07-24 12:00:00
Roee Hay and Roi Saltzman

- Affected Versions

Open Handset Alliance Android 4.0.1

- Discussion

Open Handset Alliance Android is prone to a remote DNS cache-poisoning vulnerability.

An attacker can exploit this issue to divert data from a legitimate site to an attacker-specified site.

Successfully exploiting this issue will allow attackers to poison the DNS cache and steal the victim's cookies or perform site-impersonation; other attacks are also possible.

Android 4.0.4 and prior are vulnerable.

- Exploit

The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

- Solution

Updates are available. Please see the references for more information.

- Related References
