CVE-2008-1637 and CVE-2008-3217)">

Oval Definition:	oval:org.mitre.oval:def:19578
Revision Date: 2014-06-23 Version: 6 Title: DSA-1544-2 pdns-recursor - predictable randomness Description: Amit Klein discovered that pdns-recursor, a caching DNS resolver, uses a weak random number generator to create DNS transaction IDs and UDP source port numbers. As a result, cache poisoning attacks were simplified. (CVE-2008-1637 and CVE-2008-3217) Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2008-1637 CVE-2008-3217 DSA-1544-2 Platform(s): Debian GNU/Linux 4.0 Product(s): pdns-recursor Definition Synopsis Debian GNU/Linux 4.0 is installed. AND pdns-recursor DPKG is earlier than 0:3.1.4-1+etch2
BACK