CVE-2008-3217
published 2008-07-18CVE-2008-3217: PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack…
PriorityP424medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.81%
75.9th percentile
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pdns | < pdns 2.9.21.1-1 (bookworm) | pdns 2.9.21.1-1 (bookworm) |
| debian | pdns-recursor | < pdns-recursor 3.1.7-1 (bookworm) | pdns-recursor 3.1.7-1 (bookworm) |
| open-xchange | pdns | >= 0 < 2.9.21.1-1 | 2.9.21.1-1 |
| open-xchange | pdns | >= 0 < 2.9.21.1-1 | 2.9.21.1-1 |
| open-xchange | pdns | >= 0 < 2.9.21.1-1 | 2.9.21.1-1 |
| open-xchange | pdns | >= 0 < 2.9.21.1-1 | 2.9.21.1-1 |
| powerdns | authoritative_server | <= 2.9.21 | — |
| powerdns | recursor | <= 3.1.5 | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
| powerdns | recursor | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8LOW
vendor_redhat6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rj9p-mrcp-3f7h: PowerDNS Authoritative Server before 2
ghsa_unreviewed·2022-05-01·CVSS 6.8
CVE-2008-3337 [MEDIUM] CWE-20 GHSA-rj9p-mrcp-3f7h: PowerDNS Authoritative Server before 2
PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.
GHSA
GHSA-2v8f-3jfm-64p5: PowerDNS Recursor before 3
ghsa_unreviewed·2022-05-01·CVSS 6.8
CVE-2008-3217 [MEDIUM] GHSA-2v8f-3jfm-64p5: PowerDNS Recursor before 3
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
OSV
CVE-2008-3337: PowerDNS Authoritative Server before 2
osv·2008-08-08·CVSS 6.8
CVE-2008-3337 [MEDIUM] CVE-2008-3337: PowerDNS Authoritative Server before 2
PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.
OSV
CVE-2008-3217: PowerDNS Recursor before 3
osv·2008-07-18·CVSS 6.8
CVE-2008-3217 [MEDIUM] CVE-2008-3217: PowerDNS Recursor before 3
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
Red Hat
pdns-recursor: not using the strongest random number generator for source port selection
vendor_redhat·2008-04-25·CVSS 6.8
CVE-2008-3217 [MEDIUM] pdns-recursor: not using the strongest random number generator for source port selection
pdns-recursor: not using the strongest random number generator for source port selection
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
Debian
CVE-2008-3337: pdns - PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which mig...
vendor_debian·2008·CVSS 6.8
CVE-2008-3337 [MEDIUM] CVE-2008-3337: pdns - PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which mig...
PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.
Scope: local
bookworm: resolved (fixed in 2.9.21.1-1)
bullseye: resolved (fixed in 2.9.21.1-1)
forky: resolved (fixed in 2.9.21.1-1)
sid: resolved (fixed in 2.9.21.1-1)
trixie: resolved (fixed in 2.9.21.1-1)
Debian
CVE-2008-3217: pdns-recursor - PowerDNS Recursor before 3.1.6 does not always use the strongest random number g...
vendor_debian·2008·CVSS 6.8
CVE-2008-3217 [MEDIUM] CVE-2008-3217: pdns-recursor - PowerDNS Recursor before 3.1.6 does not always use the strongest random number g...
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
Scope: local
bookworm: resolved (fixed in 3.1.7-1)
bullseye: resolved (fixed in 3.1.7-1)
forky: resolved (fixed in 3.1.7-1)
sid: resolved (fixed in 3.1.7-1)
trixie: resolved (fixed in 3.1.7-1)
Red Hat
pdns: not responding invalid queries my simplify spoofing attacks
vendor_redhat·CVSS 6.8
CVE-2008-3337 [MEDIUM] pdns: not responding invalid queries my simplify spoofing attacks
pdns: not responding invalid queries my simplify spoofing attacks
PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.
No detection rules found.
No public exploits indexed.
http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-6http://secunia.com/advisories/31311http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179http://www.openwall.com/lists/oss-security/2008/07/09/10http://www.openwall.com/lists/oss-security/2008/07/10/6http://www.openwall.com/lists/oss-security/2008/07/16/12http://www.securityfocus.com/bid/30782https://exchange.xforce.ibmcloud.com/vulnerabilities/43925https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01353.htmlhttp://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-6http://secunia.com/advisories/31311http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179http://www.openwall.com/lists/oss-security/2008/07/09/10http://www.openwall.com/lists/oss-security/2008/07/10/6http://www.openwall.com/lists/oss-security/2008/07/16/12http://www.securityfocus.com/bid/30782https://exchange.xforce.ibmcloud.com/vulnerabilities/43925https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01353.html
2008-07-18
Published