SUSE CVE-2008-4100

GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the...

PT-2020-8504 · Adns +2 · Adns +2

Name of the Vulnerable Software and Affected Versions: adns versions prior to 1.5.2 Description: An issue was discovered in adns where adns rr info mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer, which can be overrun if the input is ou...