PROBLEM:
Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache
PLATFORM:
Version(s): 4.0.4 and prior versions
ABSTRACT:
A remote user can poison the DNS cache.
reference LINKS:
IBM Application Security Research Group
SecurityTracker Alert ID: 1027291
Bugtraq ID: 523624
CVE-2012-2808
IMPACT ASSESSMENT:
Medium
Discussion:
A vulnerability was reported in Google Android. The res_randomid() function, which bases a return value on the process ID and the current time, is called twice in quick succession. As a result, the effective randomization is less than intended. A remote user can exploit this to return spoofed DNS responses and poison the DNS cache on the target system.
Impact:
A remote user can poison the DNS cache.
Solution:
Android 4.1.1 has been released, and patches are available on AOSP.