DNS poisoning via Port Exhaustion
Am Wednesday, 19. Oct 2011 im Topic 'Vulnerabilities'
A vulnerability in Java (CVE-2011-3552, CVE-2010-4448) which enables remote DNS poisoning using Java applets. This vulnerability can be triggered when opening a malicious webpage. A successful exploitation of this vulnerability may lead to disclosure and manipulation of cookies and web pages, disclosure of NTLM credentials and clipboard data of the logged-on user, and even firewall bypass.
Download PDF
http://blog.watchfire.com/files/dnsp_port_exhaustion.pdf
Download PDF
http://blog.watchfire.com/files/dnsp_port_exhaustion.pdf