CVE-2008-1637 — Recursor vulnerability

CWE-1899 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

0.0%

top 92.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Powerdns Recursor

Timeline

PublishedApr 2

Latest updateMay 1

Description

PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate (1) TRXID values and (2) UDP source port numbers, which makes it easier for remote attackers to poison a DNS cache, related to (a) algorithmic deficiencies in rand and random functions in external libraries, (b) use of a 32-bit seed value, and (c) choice of the time of day as the sole seeding information.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDpowerdns/recursor3.1.4

Patches

Patch: doc.powerdns.com ↗Patch: doc.powerdns.com ↗

🔴Vulnerability Details

GHSA

GHSA-c5qh-3289-h9w4: PowerDNS Recursor before 3↗2022-05-01

▶

CVEList

CVE-2008-1637: PowerDNS Recursor before 3↗2008-04-02

▶

OSV

CVE-2008-1637: PowerDNS Recursor before 3↗2008-04-02

▶

📋Vendor Advisories

Red Hat

pdns-recursor: not using the strongest random number generator for source port selection↗2008-04-25

▶

Red Hat

pdns-recursor: perdictable query ids↗2008-03-31

▶

Debian

CVE-2008-1637: pdns-recursor - PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate (1) TRX...↗2008

▶

💬Community

Bugzilla

CVE-2008-3217 pdns-recursor: not using the strongest random number generator for source port selection↗2008-07-21

▶

Bugzilla

CVE-2008-1637 pdns-recursor: perdictable query ids↗2008-04-02

▶