DNS poisoning is the manipulation of IP addresses for entries stored in the cache of a smaller DNS server: the aim is to make the DNS server respond, not with the correct IP address, but with one that contains malicious code. DNS poisoning is only possible where there is a vulnerability or other security weakness in the operating system running on the DNS server.