The first attack on the DNS KAMINSKY vulnerability has been reported.
The attack was reported to the user with the name of James Kosin Fedora Linux mailing list. Kosin posted a record, which he said collected Thursday evening. The attacker trying to access the server cache to write in such places as myspace, eBay and Wachovia.
The attack attempts to target a vulnerability in the Domain Name System, where an attacker can change the cache to the DNS server to redirect the site for hazardous-site third party.
“It frightens is fully in this weakness in force. Patch or upgrade now!” Kosin wrote.
Industry experts, including KAMINSKY itself, issued a similar warning administrators. KAMINSKY deliberately held off on the release of information about the error until the sellers could patch it.
Exploit code for the vulnerability was issued earlier this week as a module to the Metasploit framework.
Although experts estimate that most ISPs and sellers have fixed the error, poorly maintained DNS servers could be more open to attack.
