You are here

U-220: Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache

July 25, 2012 - 7:00am

Addthis

PROBLEM:

Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache

PLATFORM:

Version(s): 4.0.4 and prior versions

ABSTRACT:

A remote user can poison the DNS cache.

reference LINKS:

IBM Application Security Research Group
SecurityTracker Alert ID: 1027291
Bugtraq ID: 523624
CVE-2012-2808

IMPACT ASSESSMENT:

Medium

Discussion:

A vulnerability was reported in Google Android. The res_randomid() function, which bases a return value on the process ID and the current time, is called twice in quick succession. As a result, the effective randomization is less than intended. A remote user can exploit this to return spoofed DNS responses and poison the DNS cache on the target system.

Impact:

A remote user can poison the DNS cache.

Solution:

Android 4.1.1 has been released, and patches are available on AOSP.

Addthis