Vulnerability CVE-2012-2808


Published: 2015-04-01

Description:
The PRNG implementation in the DNS resolver in Bionic in Android before 4.1.1 incorrectly uses time and PID information during the generation of random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2015-0800.

See advisories in our WLB2 database:
Topic
Author
Date
High
Android <= 4.0.4 DNS poisoning (youtube tutorial)
Roee Hay & R...
24.07.2012

Type:

CWE-247

(Reliance on DNS Lookups in a Security Decision)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Google -> Bionic 

 References:
http://www.mozilla.org/security/announce/2015/mfsa2015-41.html
http://blog.watchfire.com/files/androiddnsweakprng.pdf

Copyright 2021, cxsecurity.com

 

Back to Top