c-ares DNS Transaction ID Predictable Seed DNS Spoofing

ID OSVDB:37171
Type osvdb
Reporter OSVDB
Modified 2007-06-08T11:18:48


Solution Description

Upgrade to version 1.4.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Vendor Specific News/Changelog Entry: http://cool.haxx.se/cvs.cgi/curl/ares/CHANGES?rev=HEAD&content-type=text/vnd.viewcvs-markup Secunia Advisory ID:25579 Related OSVDB ID: 37172 CVE-2007-3152 Bugtraq ID: 24386