Security Week 2325: Security of Domain Name Registries

Discussion in 'Web Hosting' started by Knafi, Jun 20, 2023.

  1. #1
    On June 12, a study was published about a serious vulnerability in domain name registry software. CoCCA software is used to manage domains in zones such as .ai, .ms and .td. It uses a standardized Extensible Provisioning Protocol (EPP) to communicate with domain name registrars who need to make changes to the registry. A vulnerability in the XML request handler made it possible to hijack control over an entire domain zone and, for example, change entries for existing domain names or create new ones.[​IMG]
    Earlier studies on "domain hijacking" usually focused on hacking DNS servers. However, in this case, everything turned out to be simpler and more dangerous: why attack DNS, if you can modify any information directly in the domain zone registry?
     
    Knafi, Jun 20, 2023 IP