TsuNAME Vulnerability Can Be Exploited for DDoS Attacks on DNS Servers

Source
Advertisement


The flaw, dubbed TsuNAME, was discovered by researchers at SIDN Labs (the R&D team of the registry for .nl domains), InternetNZ (the registry for .nz domains), and the Information Science Institute at the University of Southern California.

Impacted organizations have been notified and given 90 days to take action before the vulnerability was disclosed. Google and Cisco, both of which provide widely used DNS services, have deployed patches for TsuNAME, but the researchers believe many servers are still vulnerable to attacks.

An attacker can abuse recursive resolvers affected by TsuNAME to send a large volume of queries to targeted authoritative servers, such as the ones of TLD operators.

Advertisement