RSS   Podatności dla 'Python-dns'   RSS

2008-09-18
 
CVE-2008-4126

CWE-16
 
 
PyDNS (aka python-dns) before 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4099.

 
 
CVE-2008-4099

CWE-16
 
 
PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.

 

 >>> Vendor: Debian 97 Produkty
Debian linux
Netkit
Elvis tiny
Sgml-tools
Netstd
Internet message
Mime-support
FSP
Lintian
Shadow-utils
Debmake
Tetex-bin
DPKG
Sympa
Bsmtpd
Toolchain-source
PPXP
Reportbug
Qpopper
Apt-cacher
Apt-setup
Backupninja
Kernel-patch-vserver
Libmail-audit-perl
Amaya
Base-config
Apache
GFAX
Debian-goodies
Reprepro
Guilt
UNP
Apt-listchanges
TSS
Aptlinex
Projectl
Horde
Turba
Honeyd common
Citadel server
Python-dns
Xsabre
FETA
Dpkg-cross
Myspell
Newsgate
Initramfs-tools
Os-prober
Mailscanner
LTP
Shadow
Horde imp
Horde groupware
Nss-ldap
APT
Libdbd-pg-perl
Mono-debugger
Tex-common
Apache2
Texlive-extra-utils
Php5-common
Logol
Devotee
Cifs-utils
Trousers
Bsdmainutils
Cfingerd
LATD
Txt2man
Adequate
Localepurge
Syncevolution
Axiom
Ppthtml
Xbuffy
Strongswan
Dpkg-dev
Kde4libs
Python-imaging
Exuberant ctags
Hivex
Dbd-firebird
Unattended-upgrades
FUSE
TOR
Xbindkeys-config
Ftpsync
Postgresql-common
TIN
Devscript
Advanced package tool
Crossroads
Tmpreaper
Devscripts
Duplicity
Debian-lan-config
PERM

Copyright 2024, cxsecurity.com

 

Back to Top