CVE-2008-3630

Currently unrated

Key Information:

Vendor: Apple
Status: Bonjour
Vendor: CVE Published:; 11 September 2008

Summary

mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an application uses the Bonjour API for unicast DNS, does not choose random values for transaction IDs or source ports in DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.

References

http://secunia.com/advisories/31822

third-party-advisoryx_refsource_SECUNIA

http://support.apple.com/kb/HT2990

x_refsource_CONFIRM

http://lists.apple.com/archives/security-announce//2008/S...

vendor-advisoryx_refsource_APPLE

Timeline

Vulnerability published
Sep 11, 2008
Vulnerability Reserved
Aug 12, 2008