{"id":22406,"date":"2022-05-04T09:58:06","date_gmt":"2022-05-04T13:58:06","guid":{"rendered":"https:\/\/www.technewsday.com\/?p=22406"},"modified":"2022-05-06T11:37:54","modified_gmt":"2022-05-06T15:37:54","slug":"200-vendors-impacted-by-dns-poisoning-flaw","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/200-vendors-impacted-by-dns-poisoning-flaw\/","title":{"rendered":"200 Vendors Impacted By DNS Poisoning Flaw"},"content":{"rendered":"<p data-ar-index=\"0\">Researchers from security firm Nozomi Networks have uncovered a critical vulnerability in third-party code libraries used by hundreds of vendors.<\/p>\n<p data-ar-index=\"1\">The vulnerability is a DNS poisoning flaw. DNS poisoning allows attackers to replace the legitimate DNS lookup for a site with malicious IP addresses that can disguise as the real sites as they try to install malware.<\/p>\n<p data-ar-index=\"2\">In this case, the flaw allows attackers with access to the connection between an affected device and the internet to poison DNS requests used to translate domains to IP addresses.<\/p>\n<p data-ar-index=\"3\">The flaw is located in uClibc and uClibc fork uClibc-ng. The two libraries provide alternatives to the standard C library for embedded Linux, Nozom.<\/p>\n<p data-ar-index=\"4\">According to the researchers, 200 vendors incorporate at least one of the libraries into wares including Linksys WRT54G- Wireless-G Broadband Router, NetGear WG602 wireless router, and most Axis network cameras, embedded Gentoo, Buildroot, LEAF Bering uClibc, and Tuxscreen Linux Phone.<\/p>\n<p data-ar-index=\"5\">The sources for this piece include a story in <a href=\"https:\/\/arstechnica.com\/information-technology\/2022\/05\/gear-from-netgear-linksys-and-200-others-has-unpatched-dns-poisoning-flaw\/\" target=\"_blank\" rel=\"noopener\">ArsTechnica<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers from security firm Nozomi Networks have uncovered a critical vulnerability in third-party code libraries used by hundreds of vendors. The vulnerability is a DNS poisoning flaw. DNS poisoning allows attackers to replace the legitimate DNS lookup for a site with malicious IP addresses that can disguise as the real sites as they try to [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[34,16],"tags":[388,393],"class_list":["post-22406","post","type-post","status-publish","format-standard","hentry","category-artificial-intelligence","category-security","tag-privacy-security","tag-security-strategies"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/22406","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=22406"}],"version-history":[{"count":3,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/22406\/revisions"}],"predecessor-version":[{"id":22425,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/22406\/revisions\/22425"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=22406"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=22406"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=22406"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}