Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4392

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2008-4392
Last Modified 13 Mar 2009 01:41:23
Published 19 Feb 2009 11:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4392

Summary

dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query.

Vulnerable Systems

Application

  • D.j.bernstein Djbdns 1.05


References

MISC - http://www.your.org/dnscache/

XF - djbdns-soa-spoofing(48807)

MISC - http://www.your.org/dnscache/djbdns.pdf

BID - 33818

SECUNIA - 33855


Last Updated: 27 May 2016 10:48:28