Back to search
CVE-2008-3217
Published: Jul 18, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20080716 Re: CVE request: PowerDNS recursor source port randomization
mailing-list
x_refsource_MLIST
http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179
x_refsource_CONFIRM
31311
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20080709 CVE request: PowerDNS recursor source port randomization
mailing-list
x_refsource_MLIST
[oss-security] 20080710 Re: DNS vulnerability: other relevant software
mailing-list
x_refsource_MLIST
http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-6
x_refsource_CONFIRM
powerdns-recursor-rng-weak-security(43925)
vdb-entry
x_refsource_XF
FEDORA-2008-6893
vendor-advisory
x_refsource_FEDORA
30782
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now