DNS Spoofing Risk in GNU adns Software by The GNU Project
CVE-2008-4100

Currently unrated

Key Information:

Vendor

Gnu
Status
Adns
Vendor
CVE Published:
18 September 2008

What is CVE-2008-4100?

GNU adns versions 1.4 and earlier are susceptible to a vulnerability where a fixed source port and sequential transaction IDs are used for DNS requests. This design choice allows remote attackers to easily spoof DNS responses, posing significant security risks in untrusted environments. Although the vendor states this behavior fits the product's intended use in a trusted scope, it can expose users to potential remote exploitation if used improperly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2008/09/11/1
mailing-listx_refsource_MLIST
https://www.exploit-db.com/exploits/6197
exploitx_refsource_EXPLOIT-DB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.