*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: pdns-recursor References: DSA-1544-1 (http://www.debian.org/security/2008/dsa-1544) Quoting: "Amit Klein discovered that pdns-recursor, a caching DNS resolver, uses a weak random number generator to create DNS transaction IDs and UDP source port numbers. As a result, cache poisoning attacks were simplified." ** Affects: pdns-recursor (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-1637 -- [pdns-recursor] [CVE-2008-1637] cache poisoning vulnerability https://bugs.launchpad.net/bugs/214980 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
