Reports of Active Directory Vulnerability Allowing DNS Record Spoofs to Steal Secrets
Long-time Slashdot reader jd writes: The Register is reporting that Akamai security researchers have found a way to hack Active Directory and obtain the information stored within it. The researchers go on to say that Microsoft is NOT planning to fix the vulnerability. From the article:While the current report doesn't provide technical details or proof-of-concept exploits, Akamai has promised, in the near future, to publish code that implements these attacks called DDSpoof - short for DHCP DNS Spoof. 'We will show how unauthenticated attackers can collect necessary data from DHCP servers, identify vulnerable DNS records, overwrite them, and use that ability to compromise AD domains,' Akamai security researcher Ori David said. The DHCP attack research builds on earlier work by NETSPI's Kevin Roberton, who detailed ways to exploit flaws in DNS zones.
Read more of this story at Slashdot.