Gravedad:Media\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Vulnerabilidad: CVE-2020-8616 \/ CVE-2020-12662 \/ CVE-2020-10995 \/ <\/p>\n\n\n\n
Fecha de publicaci\u00f3n: Mayo 26, 2020
\u00daltima revisi\u00f3n: Mayo 26, 2020
<\/p>\n\n\n\n
Sistemas Afectados:<\/strong> I. Descripci\u00f3n<\/strong> II. Impacto<\/strong><\/p>\n\n\n\n Acad\u00e9micos de la\nUniversidad de Tel Aviv y el Centro Interdisciplinario en Herzliya, Israel, han\nrevelado detalles sobre una nueva falla que afecta el protocolo DNS que puede\nexplotarse para lanzar ataques de denegaci\u00f3n de servicio (DDoS) amplificados y\na gran escala para atacar sitios web espec\u00edficos, a esta falla la han\ndenominado NXNSAttack.<\/p>\n\n\n\n La t\u00e9cnica NXNSAttack\ntiene diferentes facetas y variaciones, pero los pasos b\u00e1sicos se detallan a\ncontinuaci\u00f3n:<\/p>\n\n\n\n III. Referencia a soluciones, herramientas e\ninformaci\u00f3n<\/strong><\/strong><\/p>\n\n\n\n Aplicar las actualizaciones o bien aplicar las\nmedidas de mitigaci\u00f3n publicadas seg\u00fan el fabricante. <\/p>\n\n\n\n Fuentes:<\/strong><\/p>\n\n\n\n Informaci\u00f3n de contacto<\/strong> Gravedad:Media\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Vulnerabilidad: CVE-2020-8616 \/ CVE-2020-12662 \/ CVE-2020-10995 \/ Fecha de publicaci\u00f3n: Mayo 26, 2020\u00daltima revisi\u00f3n: Mayo 26, 2020 Sistemas Afectados: Vulnerabilidades en el protocolo DNS que afecta a todas los servidores que presten el servicio,…<\/p>\n","protected":false},"author":4,"featured_media":2113,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-2112","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2112","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2112"}],"version-history":[{"count":1,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2112\/revisions"}],"predecessor-version":[{"id":2114,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/2112\/revisions\/2114"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/2113"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nVulnerabilidades en el protocolo DNS que afecta a todas los servidores que\npresten el servicio, ya sea opensource o comerciales.<\/p>\n\n\n\n
\nActualizaci\u00f3n de seguridad que afecta al protocolo DNS, incluido los servicios\nDNS comerciales como Cloudflare, Google, Amazon, Microsoft, Oracle (DYN),\nVerisign, IBM Quad9 e ICANN, quienes han parchado sus productos.<\/p>\n\n\n\n
\nCSIRT PANAMA
\nComputer Security Incident Response Team Autoridad Nacional para la Innovacion\nGubernamental
\nE-Mail: info@cert.pa
\nPhone: +507 520-CERT (2378)
\nWeb: https:\/\/cert.pa
\nTwitter: @CSIRTPanama
\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"