First published: Thu Sep 18 2008(Updated: )
PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Debian Python-dns | <=2.3.1-3 | |
Debian Python-dns | =2.3.0-1 | |
Debian Python-dns | =2.3.0-2 | |
Debian Python-dns | =2.3.0-3 | |
Debian Python-dns | =2.3.0-4 | |
Debian Python-dns | =2.3.0-5 | |
Debian Python-dns | =2.3.0-5.1 | |
Debian Python-dns | =2.3.0-6 | |
Debian Python-dns | =2.3.1-1 | |
Debian Python-dns | =2.3.1-2 | |
Debian Linux | =unknown-unknown |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.