CVE-2008-3217 — Recursor vulnerability

8 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

0.0%

top 99.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Powerdns Recursor

Timeline

PublishedJul 18

Latest updateMay 1

Description

PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDpowerdns/recursor3.1.5+6

Patches

Patch: wiki.powerdns.com ↗Patch: wiki.powerdns.com ↗

🔴Vulnerability Details

GHSA

GHSA-2v8f-3jfm-64p5: PowerDNS Recursor before 3↗2022-05-01

▶

CVEList

CVE-2008-3217: PowerDNS Recursor before 3↗2008-07-18

▶

OSV

CVE-2008-3217: PowerDNS Recursor before 3↗2008-07-18

▶

📋Vendor Advisories

Red Hat

pdns-recursor: not using the strongest random number generator for source port selection↗2008-04-25

▶

Debian

CVE-2008-3217: pdns-recursor - PowerDNS Recursor before 3.1.6 does not always use the strongest random number g...↗2008

▶

Red Hat

pdns: not responding invalid queries my simplify spoofing attacks↗

▶

💬Community

Bugzilla

CVE-2008-3217 pdns-recursor: not using the strongest random number generator for source port selection↗2008-07-21

▶