Lucene search
PRIOn knowledge basePRION:CVE-2007-3153HistoryJun 11, 2007 - 10:30 p.m.
Design/Logic Flaw
2007-06-1122:30:00
PRIOn knowledge base
www.prio-n.com
2
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.5%
The ares_init:randomize_key function in c-ares, on platforms other than Windows, uses a weak facility for producing a random number sequence (Unix rand), which makes it easier for remote attackers to spoof DNS responses by guessing certain values.
Related
cvelist
cvelist
CVE-2007-3153
2007-06-11 22:00:00
cve
cve
CVE-2007-3153
2007-06-11 22:30:00
nessus
nessus
FreeBSD : c-ares -- DNS Cache Poisoning Vulnerability (70ae62b0-16b0-11dc-b803-0016179b2dd5)
2007-06-12 00:00:00
Fedora 7 : c-ares-1.4.0-1.fc7 (2007-0724)
2007-11-06 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: c-ares-1.4.0-1.fc7
2007-06-28 01:52:51
freebsd
freebsd
c-ares -- DNS Cache Poisoning Vulnerability
2007-06-08 00:00:00
openvas
openvas
FreeBSD Ports: c-ares
2008-09-04 00:00:00
Fedora Update for c-ares FEDORA-2007-0724
2009-02-27 00:00:00
FreeBSD Ports: c-ares
2008-09-04 00:00:00
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
77.5%
Related for PRION:CVE-2007-3153