2 matches found
Security Bulletin: Reuse of Source Port in DataPower DNS queries (CVE-2017-1773)
Summary IBM DataPower Gateway may re-use the source port in DNS lookups. IBM has addressed the applicable CVE Vulnerability Details Relevant CVE Information: CVEID: CVE-2017-1773 DESCRIPTION: IBM WebSphere DataPower Appliances could allow an attacker using man-in-the-middle techniques to spoof DN...
uIP and lwIP DNS resolver vulnerable to cache poisoning
Overview The DNS resolver implemented in uIP and lwIP is vulnerable to cache poisoning due to non-randomized transaction IDs TXIDs and source port reuse. Description CWE-330: Use of Insufficiently Random Values - CVE-2014-4883The DNS resolver implemented in all versions of uIP, as well as lwIP...