PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.

Affected configurations

NVD

Node

debianpython-dnsRange≤2.3.1-3

debianpython-dnsMatch2.3.0-1

debianpython-dnsMatch2.3.0-2

debianpython-dnsMatch2.3.0-3

debianpython-dnsMatch2.3.0-4

debianpython-dnsMatch2.3.0-5

debianpython-dnsMatch2.3.0-5.1

debianpython-dnsMatch2.3.0-6

debianpython-dnsMatch2.3.1-1

debianpython-dnsMatch2.3.1-2

AND

debianlinuxMatchunknownunknownetch

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=490217

packages.debian.org/changelogs/pool/main/p/python-dns/python-dns_2.3.3-1/changelog

www.openwall.com/lists/oss-security/2008/09/11/1

www.openwall.com/lists/oss-security/2008/09/16/4

cve 6

cvelist 5

ubuntucve 4

prion 6

debiancve 4

osv 3

nvd 7

nessus 35

openvas 68

redhat 2

gentoo 2

packetstorm 3

debian 10

checkpoint_advisories 2

altlinux 5

fedora 2

suse 1

checkpoint_security 1

securityvulns 8

f5 2

oraclelinux 2

ubuntu 2

centos 2

freebsd 2

exploitpack 3

slackware 3

freebsd_advisory 1

seebug 5

rubygems 1

cisco 1

mskb 1

cve

CVE-2008-4099

2008-09-18 17:59:32

CVE-2008-4126

2022-10-03 16:13:59

CVE-2008-1447

2008-07-08 23:41:00

cvelist

CVE-2008-4099

2008-09-18 17:47:00

CVE-2008-4126

2022-10-03 16:13:59

CVE-2008-1447

2008-07-08 23:00:00

ubuntucve

CVE-2008-4099

2008-09-18 00:00:00

CVE-2008-4126

2008-09-18 00:00:00

CVE-2008-1447

2008-07-08 00:00:00

prion

Design/Logic Flaw

2008-09-18 17:59:00

Design/Logic Flaw

2008-09-18 17:59:00

Spoofing

2008-07-08 23:41:00

debiancve

CVE-2008-4099

2008-09-18 17:59:32

CVE-2008-4126

2022-10-03 16:13:59

CVE-2008-1447

2008-07-08 23:41:00

osv

python-dns - DNS response spoofing

2008-07-27 00:00:00

bind9 - cache poisoning

2008-07-08 00:00:00

refpolicy - incompatible policy

2008-07-25 00:00:00

nvd

CVE-2008-4126

2008-09-18 17:59:33

CVE-2008-1447

2008-07-08 23:41:00

CVE-2008-5133

2008-11-18 16:00:00

nessus

Debian DSA-1619-1 : python-dns - DNS response spoofing

2008-07-28 00:00:00

Fedora 9 : dnsmasq-2.45-1.fc9 (2009-1069)

2009-02-17 00:00:00

RHEL 2.1 / 3 / 4 / 5 : bind (RHSA-2008:0533)

2008-07-10 00:00:00

openvas

Debian: Security Advisory (DSA-1619-1)

2008-08-15 00:00:00

Debian Security Advisory DSA 1603-1 (bind9)

2008-07-15 00:00:00

Fedora Core 9 FEDORA-2009-1069 (dnsmasq)

2009-02-18 00:00:00

redhat

(RHSA-2008:0789) Moderate: dnsmasq security update

2008-08-11 00:00:00

(RHSA-2008:0533) Important: bind security update

2008-07-08 00:00:00

gentoo

BIND: Cache poisoning

2008-07-11 00:00:00

dnsmasq: Denial of Service and DNS spoofing

2008-09-04 00:00:00

packetstorm

bind9x-poison.txt

2008-07-25 00:00:00

bailiwicked_domain.rb.txt

2008-07-24 00:00:00

bailiwicked_host.rb.txt

2008-07-24 00:00:00

debian

[SECURITY] [DSA 1617-1] New refpolicy packages fix incompatible policy

2008-07-25 06:29:36

[SECURITY] [DSA 1623-1] New dnsmasq packages fix cache poisoning

2008-07-31 16:45:20

[SECURITY] [DSA 1604-1] BIND 8 deprecation notice

2008-07-08 17:03:55

checkpoint_advisories

Microsoft Windows DNS Insufficient Socket Entropy (MS08-037; CVE-2008-1447)

2011-11-01 00:00:00

Microsoft Windows DNS Insufficient Socket Entropy (MS08-037) - High Confidence (CVE-2008-1447)

2013-05-09 00:00:00

altlinux

Security fix for the ALT Linux 6 package bind version 9.3.5-alt2

2008-06-06 00:00:00

Security fix for the ALT Linux 8 package bind version 9.3.5-alt2

2008-06-06 00:00:00

Security fix for the ALT Linux 9 package bind version 9.3.5-alt2

2008-06-06 00:00:00

fedora

[SECURITY] Fedora 9 Update: dnsmasq-2.45-1.fc9

2009-02-14 22:11:22

[SECURITY] Fedora 9 Update: bind-9.5.0-33.P1.fc9

2008-07-09 21:45:32

suse

DNS cache poisoning in bind

2008-07-11 09:57:52

checkpoint_security

Check Point response to DNS poisoning vulnerability CVE-2008-1447

2008-07-05 21:00:00

securityvulns

[SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver

2008-07-12 00:00:00

Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

2008-07-12 00:00:00

[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing

2008-07-29 00:00:00

SOL8938 - BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113

2008-07-10 00:00:00

K8938 : BIND DNS cache poisoning vulnerability - CVE-2008-1447 - VU#800113

2013-03-19 00:00:00

oraclelinux

bind security update

2008-07-08 00:00:00

dnsmasq security update

2008-08-11 00:00:00

ubuntu

Dnsmasq vulnerability

2008-07-22 00:00:00

Bind vulnerability

2008-07-08 00:00:00

centos

bind security update

2008-07-09 01:20:56

bind, caching, selinux security update

2008-07-08 22:25:27

freebsd

FreeBSD -- DNS cache poisoning

2008-07-08 00:00:00

ruby -- DNS spoofing vulnerability

2008-08-08 00:00:00

exploitpack

BIND 9.x - Remote DNS Cache Poisoning

2008-07-25 00:00:00

BIND 9.4.1 9.4.2 - Remote DNS Cache Poisoning (Metasploit)

2008-07-23 00:00:00

BIND 9.x - Remote DNS Cache Poisoning (Python)

2008-07-24 00:00:00

slackware

[slackware-security] bind

2008-07-10 04:29:01

[slackware-security] ruby

2008-11-29 21:37:03

[slackware-security] dnsmasq

2008-07-24 00:02:47

freebsd_advisory

FreeBSD-SA-08:06.bind

2008-07-13 00:00:00

seebug

BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)

2014-07-01 00:00:00

BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (py)

2008-07-24 00:00:00

BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)

2008-07-24 00:00:00

rubygems

ruby -- DNS spoofing vulnerability in resolv.rb

2008-05-04 20:00:00

cisco

Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

2008-07-08 18:00:00

mskb

MS08-037: Vulnerabilities in DNS could allow spoofing

2018-04-17 19:03:20

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.133 Low

EPSS

Percentile

95.6%

JSON

Related for NVD:CVE-2008-4099

cve6 cvelist5 ubuntucve4 prion6 debiancve4 osv3 nvd7 nessus35 openvas68 redhat2 gentoo2 packetstorm3 debian10 checkpoint_advisories2 altlinux5 fedora2 suse1 checkpoint_security1 securityvulns8 f52 oraclelinux2 ubuntu2 centos2 freebsd2 exploitpack3 slackware3 freebsd_advisory1 seebug5 rubygems1 cisco1 mskb1