Multiple DNS servers and clients DNS records spoofing updated since 12.07.2008
Published:		29.07.2008
Source:		BUGTRAQ
SecurityVulns ID:		9142
Type:		client
Level:		6/10
Description:		DNS poisoning attack may be used to spoof query results.

Affected:		CISCO : IOS 12.2
		CISCO : IOS 12.3
		BIND : bind 9.3
		CISCO : IOS 12.4
		PDNS : pdns-recursor 3.1
		PYTHON : python-dns 2.3
CVE:		CVE-2008-1637 (PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate (1) TRXID values and (2) UDP source port numbers, which makes it easier for remote attackers to poison a DNS cache, related to (a) algorithmic deficiencies in rand and random functions in external libraries, (b) use of a 32-bit seed value, and (c) choice of the time of day as the sole seeding information.)
		CVE-2008-1447

Original document		DEBIAN, [SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing (29.07.2008)
		I)ruid, CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit (25.07.2008)
		DEBIAN, [SECURITY] [DSA 1544-2] New pdns-recursor packages fix predictable randomness (18.07.2008)
		CISCO, Cisco Security Advisory: Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks (12.07.2008)
		DEBIAN, [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver (12.07.2008)

Files:		DNS BailiWicked Host Attack
		Tool: PorkBind Nameserver Security Scanner
Discuss:		Read or add your comments to this news (0 comments)