6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.7%
PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate
(1) TRXID values and (2) UDP source port numbers, which makes it easier for
remote attackers to poison a DNS cache, related to (a) algorithmic
deficiencies in rand and random functions in external libraries, (b) use of
a 32-bit seed value, and © choice of the time of day as the sole seeding
information.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | pdns-recursor | < 3.1.4-6ubuntu1 | UNKNOWN |
ubuntu | 8.10 | noarch | pdns-recursor | < 3.1.4-6ubuntu1 | UNKNOWN |