Package: dnsmasq
Version: 2.42-4
Severity: grave
Tags: security
Justification: user security hole

dnsmasq appears to be vulnerable to CVE-2008-1447, the DNS cache
poisoning exploit. From my reading of the source code and observation
with tcpdump, dnsmasq doesn't do any source port randomisation.

dnsmasq binds a UDP socket for each of the forwarding name servers when
they are added (on startup, or configuration change), then uses those
sockets forever. The source port doesn't change between queries. tcpdump
confirms this.


thanks
Hamish

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.24 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages dnsmasq depends on:
ii  adduser                       3.108      add and remove users and groups
ii  dnsmasq-base                  2.42-4     A small caching DNS proxy and DHCP
ii  netbase                       4.32       Basic TCP/IP networking system

dnsmasq recommends no packages.

-- no debconf information
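
A way to check a capture for the behaviour described in this report, where every query to a given upstream server leaves from the same UDP source port. This is an added example, not part of the original report or of dnsmasq; the function names, the three-query threshold and the sample capture lines (documentation addresses) are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Matches IPv4 DNS queries in `tcpdump -n udp port 53` text output,
# e.g. "IP 192.0.2.10.32768 > 198.51.100.53.53: 4242+ A? example.com. (29)".
QUERY_RE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.53: \d+"
)

# Constructed sample capture: one forwarder with a fixed source port,
# one with per-query ports, and one response line that must be ignored.
SAMPLE = """\
12:00:01.000101 IP 192.0.2.10.32768 > 198.51.100.53.53: 4242+ A? example.com. (29)
12:00:01.020300 IP 198.51.100.53.53 > 192.0.2.10.32768: 4242 1/0/0 A 203.0.113.7 (45)
12:00:02.000140 IP 192.0.2.10.32768 > 198.51.100.53.53: 4243+ A? example.org. (29)
12:00:03.000090 IP 192.0.2.10.32768 > 198.51.100.53.53: 9110+ MX? example.net. (29)
12:00:04.000170 IP 192.0.2.10.32768 > 198.51.100.53.53: 1777+ A? example.com. (29)
12:00:05.000110 IP 192.0.2.20.41873 > 198.51.100.53.53: 5150+ A? example.com. (29)
12:00:06.000120 IP 192.0.2.20.12044 > 198.51.100.53.53: 6021+ A? example.org. (29)
12:00:07.000130 IP 192.0.2.20.58310 > 198.51.100.53.53: 311+ A? example.net. (29)
12:00:08.000150 IP 192.0.2.20.27659 > 198.51.100.53.53: 48020+ A? example.com. (29)
"""

def source_ports(lines):
    """Map (resolver, upstream) -> list of source ports seen on queries."""
    ports = defaultdict(list)
    for line in lines:
        m = QUERY_RE.search(line)
        if m:
            ports[(m["src"], m["dst"])].append(int(m["sport"]))
    return ports

def static_port_flows(lines, min_queries=3):
    """Return {(resolver, upstream): port} where every query used one port."""
    flagged = {}
    for flow, seen in source_ports(lines).items():
        # Too few queries says nothing about randomisation; skip those flows.
        if len(seen) >= min_queries and len(set(seen)) == 1:
            flagged[flow] = seen[0]
    return flagged

if __name__ == "__main__":
    for (src, dst), port in static_port_flows(SAMPLE.splitlines()).items():
        print(f"{src} -> {dst}: all queries from fixed source port {port}")
```
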


