EUVD-2008-4083

Malware in sbrugna...

EUVD-2008-4109

Malware in sbrugna...

CVE-2008-4126

PyDNS aka python-dns before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: this...

CVE-2008-4099

PyDNS aka python-dns before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447...

CVE-2008-4099

PyDNS aka python-dns before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447...

CVE-2008-4099

PyDNS aka python-dns before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447...

Design/Logic Flaw

PyDNS aka python-dns before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447...

CVE-2008-4126

PyDNS aka python-dns before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: this...

Design/Logic Flaw

PyDNS aka python-dns before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: this...

CVE-2008-4126

Removed by vendor...

CVE-2008-4099

Removed by vendor...

CVE-2008-4126

PyDNS aka python-dns before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: this...

CVE-2008-4099

The CVE-2008-4099 entry concerns PyDNS (python-dns) in Debian GNU/Linux prior to 2.3.1-4, where DNS requests did not randomize source ports or transaction IDs. This omission facilitates spoofed DNS responses by remote attackers, representing a DNS cache-poisoning risk. Debian has updated the pack...

CVE-2008-4099

PyDNS aka python-dns before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447...

CVE-2008-4126

Technical details for CVE-2008-4126 are not provided in the connected documents; the initial description summarizes the issue but no vendor/version/context is given here. Monitor for updates.

Debian: Security Advisory (DSA-1619-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-1619-1 : python-dns - DNS response spoofing

Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Dan Kaminsky identified a practical vector of DNS response spoofing and cache poisoning, exploiting the limited entropy in a DNS transaction ID and lack of UDP source port randomization in many...

DSA-1619-1 python-dns - DNS response spoofing

Bulletin has no description...