Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Google Android Operating System < 4.1.1 DNS Cache Poisoning Vulnerability

Medium

Synopsis

The remote device is affected by a DNS cache poisoning vulnerability.

Description

The Google Android operating system prior to 4.1.1 is vulnerable to a DNS cache poisoning vulnerability that can be triggered when a stub resolver fails to acquire a port with its own DNS port implementation and resorts to the res_randomid() function of res_init.c to obtain it. The predictability of the port may make it easier for a remote attacker to poison the DNS cache of a target user.

Solution

Upgrade to Google Android operating system version 4.1.1 or later.