![]() |
RSS_BOT CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed - Printable Version +- 0Day Forums (https://0day.red) +-- Forum: Hacking & Exploits (https://0day.red/Forum-Hacking-Exploits) +--- Forum: Mobile Hacking (https://0day.red/Forum-Mobile-Hacking) +--- Thread: RSS_BOT CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed (/Thread-RSS-BOT-CVE-2012-2808-Android-4-0-4-DNS-poisoning-vulnerability-Exposed) |
RSS_BOT CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed - snootiness534273 - 08-16-2012 CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed Android's DNS resolver is vulnerable to DNS poisoning due to weak randomness in its implementation. Researchers Roee Hay & Roi Saltzman from IBM Application Security Research Group demonstrate that how an attacker can successfully guess the nonce of the DNS request with a probability thatis su cient for a feasible attack. Android version 4.0.4 and below are Vulnerable to this bug.<!-- adsense -- [To see links please register here] |