*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: pdns-recursor

References:
DSA-1544-1 (http://www.debian.org/security/2008/dsa-1544)

Quoting:
"Amit Klein discovered that pdns-recursor, a caching DNS resolver, uses a
weak random number generator to create DNS transaction IDs and UDP
source port numbers.  As a result, cache poisoning attacks were
simplified."

** Affects: pdns-recursor (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-1637

-- 
[pdns-recursor] [CVE-2008-1637] cache poisoning vulnerability
https://bugs.launchpad.net/bugs/214980
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to