DNS Cache Poisoning Vulnerability in PowerDNS Recursor by PowerDNS
CVE-2008-1637

Currently unrated

Key Information:

Vendor

Powerdns

Status
Recursor
Vendor
CVE Published:
2 April 2008

What is CVE-2008-1637?

The PowerDNS Recursor prior to version 3.1.5 is susceptible to a security vulnerability caused by insufficient randomness in the generation of TRXID values and UDP source port numbers. This weakness can be exploited by remote attackers to effectively poison the DNS cache. Contributing factors include algorithmic deficiencies in randomness functions, reliance on a static 32-bit seed value, and the use of the current time as the sole source of entropy, leading to predictable patterns that can be manipulated.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/29764
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/29737
third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2008/dsa-1544
vendor-advisoryx_refsource_DEBIAN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.