+- Sinisterly (https://sinister.ly)
+-- Forum: Computers (https://sinister.ly/Forum-Computers)
+--- Forum: Mobile & Tablets (https://sinister.ly/Forum-Mobile-Tablets)
+--- Thread: RSS_BOT CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed (/Thread-RSS-BOT-CVE-2012-2808-Android-4-0-4-DNS-poisoning-vulnerability-Exposed)
RSS_BOT CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed - 1llusion - 08-16-2012
CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed
Android's DNS resolver is vulnerable to DNS poisoning due to weak randomness in its implementation. Researchers Roee Hay & Roi Saltzman from IBM Application Security Research Group demonstrate that how an attacker can successfully guess the nonce of the DNS request with a probability thatis su cient for a feasible attack. Android version 4.0.4 and below are Vulnerable to this bug.<!-- adsense --
http://feedproxy.google.com/~r/TheHackersNews/~3/ty8DctzwpVU/cve-2012-2808-android-404-dns-poisoning.html