CVE-2008-3630

3 documents3 sources
Severity
6.4MEDIUM
EPSS
1.1%
top 21.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Bonjour
Timeline
PublishedSep 11
Latest updateMay 2

Description

mDNSResponder in Apple Bonjour for Windows before 1.0.5, when an application uses the Bonjour API for unicast DNS, does not choose random values for transaction IDs or source ports in DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.

CVSS vector

AV:N/AC:L/C:N/I:P/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

NVDapple/bonjour1.0.4

Patches

Patch: lists.apple.comPatch: lists.apple.com

🔴Vulnerability Details

2
GHSA
GHSA-93cc-m3wp-rrvv: mDNSResponder in Apple Bonjour for Windows before 12022-05-02
CVEList
CVE-2008-3630: mDNSResponder in Apple Bonjour for Windows before 12008-09-10
CVE-2008-3630 (MEDIUM CVSS 6.4) | mDNSResponder in Apple Bonjour for | cvebase.io