Lucene search
K

5 matches found

OSV
OSV
added 2008/09/18 5:59 p.m.10 views

CVE-2008-4099

PyDNS aka python-dns before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447...

6.5AI score
Exploits0References4
CVE
CVE
added 2008/09/18 5:47 p.m.87 views

CVE-2008-4099

The CVE-2008-4099 entry concerns PyDNS (python-dns) in Debian GNU/Linux prior to 2.3.1-4, where DNS requests did not randomize source ports or transaction IDs. This omission facilitates spoofed DNS responses by remote attackers, representing a DNS cache-poisoning risk. Debian has updated the pack...

6.4CVSS6.5AI score0.0228EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2008/08/15 12:0 a.m.22 views

Debian: Security Advisory (DSA-1619-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.2AI score0.95182EPSS
Exploits21References3
Tenable Nessus
Tenable Nessus
added 2008/07/28 12:0 a.m.83 views

Debian DSA-1619-1 : python-dns - DNS response spoofing

Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Dan Kaminsky identified a practical vector of DNS response spoofing and cache poisoning, exploiting the limited entropy in a DNS transaction ID and lack of UDP source port randomization in many...

6.8CVSS6.6AI score0.95182EPSS
Exploits21References7
OSV
OSV
added 2008/07/27 12:0 a.m.42 views

DSA-1619-1 python-dns - DNS response spoofing

Bulletin has no description...

6.8CVSS6.9AI score0.95182EPSS
Exploits21
Rows per page
Query Builder