NAME:WRECK bugs in the DNS to impact more than 100 Million devices

N

As of 15/04/2021

According to a joint report by Forescout Research Labs and JSOF Research Labs, 9 vulnerabilities related to the implementation of DNS protocols were found. These 9 vulnerabilities have been named together as NAME:WRECK. From smartphones to IoT devices, around 100 Million devices are at risk here.

Domain Name System or DNS is a system that converts an alphanumeric domain name that is  easily understood by humans to a numeric IP address. Any TCP/IP device also contains the code for DNS Resolution or DNS Lookup. This Lookup needs to send DNS requests in binary code. This also needs to deconstruct the replies. And this is where the problem or the vulnerability lies. Sometimes the replies are adultured, meant to make the Lookup code read from the wrong place or write to the wrong place. When code reads from the wrong place it shows Denial of Service. When the code writes to the wrong place it shows Remote Code Execution.

NAME:WRECK has been found by a research group called Project Memoria. It is the fifth problem found by them. The previous four were URGENT/11, Ripple20, Amnesia:33 and NUMBER:JACK. Forescout is fingerprinting affected devices through an open source script. Enforcing segmentation control and monitoring the network are some of the available solutions right now.

About the author

The Wizard

I write on a range of topics that includes Branding, Marketing, Acquisitions, Statistics and an especial emphasis on Domain Name. The opinions expressed may change from time to time as that is how a person and ideas evolve.

Add Comment

Send to my inbox!

Follow Us

DomainMagazine is a leading technology media property, dedicated to obsessively profiling domain name industry and breaking domain news.

The Wizard

I write on a range of topics that includes Branding, Marketing, Acquisitions, Statistics and an especial emphasis on Domain Name. The opinions expressed may change from time to time as that is how a person and ideas evolve.