DNS Spoofing Vulnerability in PyDNS by Debian
CVE-2008-4126

Currently unrated

Key Information:

Vendor: Debian
Status: Python-dns
Vendor: CVE Published:; 18 September 2008

Summary

The vulnerability in PyDNS affects earlier versions prior to 2.3.1-5 in Debian GNU/Linux. It stems from the lack of random source ports for DNS requests and the absence of random transaction IDs for DNS retries. This flaw permits remote attackers to easily spoof DNS responses, potentially leading to malicious redirection or data interception. The issue arose due to an incomplete fix for a previously identified vulnerability, highlighting the necessity for careful patch management in software.

References

http://packages.debian.org/changelogs/pool/main/p/python-...

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2008/09/11/1

mailing-listx_refsource_MLIST

http://www.openwall.com/lists/oss-security/2008/09/16/4

mailing-listx_refsource_MLIST

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 18, 2008