6.8

CVE-2008-1447

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IscBind Version4
   CanonicalUbuntu Linux Version6.06 SwEditionlts
   CanonicalUbuntu Linux Version7.04
   CanonicalUbuntu Linux Version7.10
   CanonicalUbuntu Linux Version8.04 SwEditionlts
   CiscoIos Version12.0
   DebianDebian Linux Version4.0
   MicrosoftWindows 2000 Updatesp4
   MicrosoftWindows Server 2003 Version- HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditioncompute_cluster HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditiondatacenter HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditionenterprise HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditionstandard HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditionstorage HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditioncompute_cluster HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditioncompute_cluster HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditiondatacenter HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditiondatacenter HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionenterprise HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionenterprise HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstandard HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstandard HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstorage HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstorage HwPlatformx64
   MicrosoftWindows Xp Updatesp2
   MicrosoftWindows Xp Version- Update- SwEditionprofessional HwPlatformx64
   MicrosoftWindows Xp Version- Updatesp3
   RedhatEnterprise Linux Version2.1 Editionas
   RedhatEnterprise Linux Version2.1 Editiones
   RedhatEnterprise Linux Version2.1 Editionws
   RedhatEnterprise Linux Version5 Editionclient
   RedhatEnterprise Linux Version5 Editionclient_workstation
   RedhatEnterprise Linux Version5.0
IscBind Version8
   CanonicalUbuntu Linux Version6.06 SwEditionlts
   CanonicalUbuntu Linux Version7.04
   CanonicalUbuntu Linux Version7.10
   CanonicalUbuntu Linux Version8.04 SwEditionlts
   CiscoIos Version12.0
   DebianDebian Linux Version4.0
   MicrosoftWindows 2000 Updatesp4
   MicrosoftWindows Server 2003 Version- HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditioncompute_cluster HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditiondatacenter HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditionenterprise HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditionstandard HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditionstorage HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditioncompute_cluster HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditioncompute_cluster HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditiondatacenter HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditiondatacenter HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionenterprise HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionenterprise HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstandard HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstandard HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstorage HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstorage HwPlatformx64
   MicrosoftWindows Xp Updatesp2
   MicrosoftWindows Xp Version- Update- SwEditionprofessional HwPlatformx64
   MicrosoftWindows Xp Version- Updatesp3
   RedhatEnterprise Linux Version2.1 Editionas
   RedhatEnterprise Linux Version2.1 Editiones
   RedhatEnterprise Linux Version2.1 Editionws
   RedhatEnterprise Linux Version5 Editionclient
   RedhatEnterprise Linux Version5 Editionclient_workstation
   RedhatEnterprise Linux Version5.0
IscBind Version9.2.9
   CanonicalUbuntu Linux Version6.06 SwEditionlts
   CanonicalUbuntu Linux Version7.04
   CanonicalUbuntu Linux Version7.10
   CanonicalUbuntu Linux Version8.04 SwEditionlts
   CiscoIos Version12.0
   DebianDebian Linux Version4.0
   MicrosoftWindows 2000 Updatesp4
   MicrosoftWindows Server 2003 Version- HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditioncompute_cluster HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditiondatacenter HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditionenterprise HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditionstandard HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp1 SwEditionstorage HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditioncompute_cluster HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditioncompute_cluster HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditiondatacenter HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditiondatacenter HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionenterprise HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionenterprise HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstandard HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstandard HwPlatformx64
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstorage HwPlatformitanium
   MicrosoftWindows Server 2003 Version- Updatesp2 SwEditionstorage HwPlatformx64
   MicrosoftWindows Xp Updatesp2
   MicrosoftWindows Xp Version- Update- SwEditionprofessional HwPlatformx64
   MicrosoftWindows Xp Version- Updatesp3
   RedhatEnterprise Linux Version2.1 Editionas
   RedhatEnterprise Linux Version2.1 Editiones
   RedhatEnterprise Linux Version2.1 Editionws
   RedhatEnterprise Linux Version5 Editionclient
   RedhatEnterprise Linux Version5 Editionclient_workstation
   RedhatEnterprise Linux Version5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 95.18% 0.999
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 2.2 4
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE-331 Insufficient Entropy

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

http://www.isc.org/index.pl?/sw/bind/bind-security.php
Third Party Advisory
http://www.phys.uu.nl/~rombouts/pdnsd.html
Third Party Advisory
http://marc.info/?l=bugtraq&m=141879471518471&w=2
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
Third Party Advisory
http://secunia.com/advisories/31687
Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/31326
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2268
Third Party Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
Broken Link
http://security.gentoo.org/glsa/glsa-201209-25.xml
Third Party Advisory
http://www.securityfocus.com/archive/1/495869/100/0/threaded
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2008-0014.html
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2466
Third Party Advisory
http://secunia.com/advisories/31204
Third Party Advisory
http://www.ipcop.org/index.php?name=News&file=article&sid=40
Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/31882
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-260A.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2008/2584
Third Party Advisory
http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
Third Party Advisory
Mailing List
http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/31823
Third Party Advisory
http://secunia.com/advisories/31900
Third Party Advisory
http://support.apple.com/kb/HT3026
Third Party Advisory
http://support.apple.com/kb/HT3129
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2525
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2558
Third Party Advisory
http://secunia.com/advisories/33178
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200812-17.xml
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-190A.html
Third Party Advisory
US Government Resource
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc
Third Party Advisory
Vendor Advisory
http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html
Technical Description
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520
Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368
Broken Link
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html
Third Party Advisory
http://marc.info/?l=bugtraq&m=121630706004256&w=2
Third Party Advisory
http://marc.info/?l=bugtraq&m=121866517322103&w=2
Third Party Advisory
http://marc.info/?l=bugtraq&m=123324863916385&w=2
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2008-0533.html
Third Party Advisory
http://secunia.com/advisories/30925
Third Party Advisory
http://secunia.com/advisories/30973
Third Party Advisory
http://secunia.com/advisories/30977
Third Party Advisory
http://secunia.com/advisories/30979
Third Party Advisory
http://secunia.com/advisories/30980
Third Party Advisory
http://secunia.com/advisories/30988
Third Party Advisory
Vendor Advisory
http://secunia.com/advisories/30989
Vendor Advisory
http://secunia.com/advisories/30998
Third Party Advisory
http://secunia.com/advisories/31011
Third Party Advisory
http://secunia.com/advisories/31012
Third Party Advisory
http://secunia.com/advisories/31014
Third Party Advisory
http://secunia.com/advisories/31019
Third Party Advisory
http://secunia.com/advisories/31022
Third Party Advisory
http://secunia.com/advisories/31030
Third Party Advisory
http://secunia.com/advisories/31031
Third Party Advisory
http://secunia.com/advisories/31033
Vendor Advisory
http://secunia.com/advisories/31052
Vendor Advisory
http://secunia.com/advisories/31065
Third Party Advisory
http://secunia.com/advisories/31072
Third Party Advisory
http://secunia.com/advisories/31093
Third Party Advisory
http://secunia.com/advisories/31094
Vendor Advisory
http://secunia.com/advisories/31137
Vendor Advisory
http://secunia.com/advisories/31143
Third Party Advisory
http://secunia.com/advisories/31151
Third Party Advisory
http://secunia.com/advisories/31152
Third Party Advisory
http://secunia.com/advisories/31153
Third Party Advisory
http://secunia.com/advisories/31169
Third Party Advisory
http://secunia.com/advisories/31197
Vendor Advisory
http://secunia.com/advisories/31199
Third Party Advisory
http://secunia.com/advisories/31207
Vendor Advisory
http://secunia.com/advisories/31209
Third Party Advisory
http://secunia.com/advisories/31212
Third Party Advisory
http://secunia.com/advisories/31213
Third Party Advisory
http://secunia.com/advisories/31221
Third Party Advisory
http://secunia.com/advisories/31236
Third Party Advisory
http://secunia.com/advisories/31237
Vendor Advisory
http://secunia.com/advisories/31254
Vendor Advisory
http://secunia.com/advisories/31354
Third Party Advisory
http://secunia.com/advisories/31422
Third Party Advisory
http://secunia.com/advisories/31430
Third Party Advisory
http://secunia.com/advisories/31451
Third Party Advisory
http://secunia.com/advisories/31482
Third Party Advisory
http://secunia.com/advisories/31495
Third Party Advisory
http://secunia.com/advisories/31588
Third Party Advisory
http://secunia.com/advisories/33714
Third Party Advisory
http://secunia.com/advisories/33786
Third Party Advisory
http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200807-08.xml
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1
Third Party Advisory
http://support.citrix.com/article/CTX117991
Third Party Advisory
http://support.citrix.com/article/CTX118183
Third Party Advisory
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152
Third Party Advisory
http://up2date.astaro.com/2008/08/up2date_7202_released.html
Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231
Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
Third Party Advisory
http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning
Third Party Advisory
http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
Third Party Advisory
http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
Third Party Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml
Third Party Advisory
http://www.debian.org/security/2008/dsa-1603
Patch
http://www.debian.org/security/2008/dsa-1604
Third Party Advisory
http://www.debian.org/security/2008/dsa-1605
Third Party Advisory
http://www.debian.org/security/2008/dsa-1619
Third Party Advisory
http://www.debian.org/security/2008/dsa-1623
Third Party Advisory
http://www.doxpara.com/?p=1176
Third Party Advisory
http://www.doxpara.com/DMK_BO2K8.ppt
Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26667
Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26668
Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26669
Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26670
Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26671
Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=isg1IZ26672
Third Party Advisory
http://www.kb.cert.org/vuls/id/800113
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/MIMG-7DWR4J
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2008:139
Third Party Advisory
http://www.nominum.com/asset_upload_file741_2661.pdf
Third Party Advisory
http://www.novell.com/support/viewContent.do?externalId=7000912
Third Party Advisory
http://www.openbsd.org/errata42.html#013_bind
Third Party Advisory
http://www.openbsd.org/errata43.html#004_bind
Third Party Advisory
http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0789.html
Third Party Advisory
http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html
Third Party Advisory
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
Third Party Advisory
http://www.securityfocus.com/archive/1/495289/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/30131
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020437
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020438
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020440
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020448
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020449
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020548
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020558
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020560
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020561
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020575
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020576
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020577
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020578
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020579
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020651
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020653
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020702
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020802
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020804
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-622-1
Third Party Advisory
http://www.ubuntu.com/usn/usn-627-1
Third Party Advisory
http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-190B.html
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2008/2019/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2023/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2025/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2029/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2030/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2050/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2051/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2052/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2055/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2092/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2113/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2114/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2123/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2139/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2166/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2195/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2196/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2197/references
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2291
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2334
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2342
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2377
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2383
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2384
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2467
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2482
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2549
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2582
Third Party Advisory
http://www.vupen.com/english/advisories/2009/0297
Third Party Advisory
http://www.vupen.com/english/advisories/2009/0311
Third Party Advisory
http://www.vupen.com/english/advisories/2010/0622
Third Party Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43334
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/43637
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117
Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725
Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761
Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917
Tool Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627
Tool Signature
https://www.exploit-db.com/exploits/6122
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/6123
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/6130
Third Party Advisory
VDB Entry
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html
Third Party Advisory