Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.4
CVE Id: CVE-2008-4126
Last Modified: 19 Sep 2008 12:00:00
Published: 18 Sep 2008 01:59:33
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2008-4126

Summary

PyDNS (aka python-dns) before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4099.

Vulnerable Systems

Application

  • Debian Python-dns 2.3.0-1

  • Debian Python-dns 2.3.0-2

  • Debian Python-dns 2.3.0-3

  • Debian Python-dns 2.3.0-4

  • Debian Python-dns 2.3.0-5

  • Debian Python-dns 2.3.0-5.1

  • Debian Python-dns 2.3.0-6

  • Debian Python-dns 2.3.1-1

  • Debian Python-dns 2.3.1-2

  • Debian Python-dns 2.3.1-3

  • Debian Python-dns 2.3.1-4


References

MLIST - [oss-security] 20080915 Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb)

MLIST - [oss-security] 20080911 Re: CVE Request (ruby -- DNS spoofing vulnerability in resolv.rb)

CONFIRM - http://packages.debian.org/changelogs/pool/main/p/python-dns/python-dns_2.3.3-1/changelog

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490217


Last Updated: 27 May 2016 10:48:23