Lucene search
Ubuntu.comUB:CVE-2008-4392HistoryFeb 19, 2009 - 12:00 a.m.
CVE-2008-4392
2009-02-1900:00:00
ubuntu.com
ubuntu.com
8
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.006 Low
EPSS
Percentile
78.2%
dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous
identical outbound DNS queries, which makes it easier for remote attackers
to spoof DNS responses, as demonstrated by a spoofed A record in the
Additional section of a response to a Start of Authority (SOA) query.
Bugs
Notes
| Author | Note |
|---|---|
| sbeattie | debian attempted to mitigate the issue somewhat in 1:1.05-6 (lucid and newer) but the issue still stands |
Related
openvas
openvas
Fedora Update for ndjbdns FEDORA-2012-20959
2013-01-04 00:00:00
Fedora Update for ndjbdns FEDORA-2012-20967
2013-01-04 00:00:00
Fedora Update for ndjbdns FEDORA-2012-20967
2013-01-04 00:00:00
nessus
nessus
Fedora 16 : ndjbdns-1.05.5-1.fc16 (2012-20959)
2013-01-04 00:00:00
Fedora 17 : ndjbdns-1.05.5-1.fc17 (2012-20967)
2013-01-04 00:00:00
Fedora 18 : ndjbdns-1.05.5-1.fc18 (2012-20923)
2013-01-14 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: ndjbdns-1.05.5-1.fc16
2013-01-03 07:24:08
[SECURITY] Fedora 17 Update: ndjbdns-1.05.5-1.fc17
2013-01-03 07:21:08
[SECURITY] Fedora 18 Update: ndjbdns-1.05.5-1.fc18
2013-01-11 23:32:42
seebug
seebug
djbdns dnscache SOAθ―·ζ±θΏη¨ηΌεδΈζ―ζΌζ΄
2009-02-20 00:00:00
cve
cve
CVE-2008-4392
2009-02-19 16:30:00
prion
prion
Code injection
2009-02-19 16:30:00
cvelist
cvelist
CVE-2008-4392
2009-02-19 16:00:00
nvd
nvd
CVE-2008-4392
2009-02-19 16:30:00
debiancve
debiancve
CVE-2008-4392
2009-02-19 16:30:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.006 Low
EPSS
Percentile
78.2%
Related for UB:CVE-2008-4392