SV.USAGERULES.SPOOFING

Spoofing security vulnerability

Certain system calls, typically DNS lookups, are vulnerable to spoofing. The SV.USAGERULES.SPOOFING checker flags instances of the system calls, gethostbyaddr, gethostbyname, and sethostname, which are potential targets of spoofing because they are dependent on data from the host server.

Vulnerability and risk

Spoofing allows a malicious user to gain trusted status by poisoning the DNS cache. An example of this vulnerability has been identified in Microsoft Internet Explorer, which can be exploited by an attacker to display a fake URL in the address and status bars. In this case, the vulnerability is caused by an input validation error. Successful exploitation allows an attacker to display an arbitrary fully qualified domain name (FQDN) in the address and status bars which is different from the actual location of the page. This practice can trick users into divulging sensitive information, or downloading and executing malware on their systems, because they trust the faked domain.

Mitigation and prevention

To avoid this vulnerability:
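
Added example, not taken from the checker documentation: a trust decision that rests only on a reverse-resolved name, next to a forward-confirmed variant that rejects a forged PTR record. The resolver hooks, host name and addresses are constructed so the code runs offline; in real code the hooks would wrap gethostbyaddr and gethostbyname, the calls this checker flags.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical resolver hooks so the example runs offline. In real code they
 * would wrap gethostbyaddr()/gethostbyname(), the calls the checker flags. */
typedef const char *(*reverse_fn)(const char *ip);   /* PTR lookup: IP -> name */
typedef const char *(*forward_fn)(const char *name); /* A lookup: name -> IP   */
#define TRUSTED_HOST "trusted.example.com"           /* constructed value      */

/* Flagged pattern: the decision rests on a name that whoever controls the
 * reverse zone (or a poisoned cache) can choose freely. */
int trust_by_reverse_name(const char *peer_ip, reverse_fn rev)
{
    const char *name = rev(peer_ip);
    return name != NULL && strcmp(name, TRUSTED_HOST) == 0;
}

/* Forward-confirmed check: the claimed name must resolve back to the peer
 * address (single address per name, for brevity). It catches a forged PTR
 * record but not a fully poisoned resolver, so it does not authenticate. */
int trust_forward_confirmed(const char *peer_ip, reverse_fn rev, forward_fn fwd)
{
    const char *name = rev(peer_ip);
    if (name == NULL || strcmp(name, TRUSTED_HOST) != 0)
        return 0;
    const char *ip = fwd(name);
    return ip != NULL && strcmp(ip, peer_ip) == 0;
}

/* Constructed resolver data: 203.0.113.7 is an untrusted peer with a forged
 * PTR record; the genuine host is at 192.0.2.10. */
const char *sample_reverse(const char *ip)
{
    if (strcmp(ip, "203.0.113.7") == 0) return TRUSTED_HOST; /* forged PTR */
    if (strcmp(ip, "192.0.2.10") == 0) return TRUSTED_HOST;
    return NULL;
}

const char *sample_forward(const char *name)
{
    return strcmp(name, TRUSTED_HOST) == 0 ? "192.0.2.10" : NULL;
}

int main(void)
{
    printf("name only: %d\n", trust_by_reverse_name("203.0.113.7", sample_reverse));
    printf("confirmed: %d\n", trust_forward_confirmed("203.0.113.7", sample_reverse, sample_forward));
    return 0;
}
```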