There is a well known DNS vulnerability disclosed by Dan Kaminsky. The CERT advisory highlights 3 issues in the existing DNS infrastructure:
- Lack of sufficient randomness in the selection of source ports for DNS queries.
- DNS transaction ID values that also exhibit insufficient randomness.
- Multiple outstanding requests for the same resource record.