6.8
CVE-2008-3217
- EPSS 1.81%
- Veröffentlicht 18.07.2008 16:41:00
- Zuletzt bearbeitet 16.06.2026 22:55:23
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.81% | 0.758 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-6
http://secunia.com/advisories/31311
http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179
http://www.openwall.com/lists/oss-security/2008/07/09/10
http://www.openwall.com/lists/oss-security/2008/07/10/6
http://www.openwall.com/lists/oss-security/2008/07/16/12
http://www.securityfocus.com/bid/30782
https://exchange.xforce.ibmcloud.com/vulnerabilities/43925
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01353.html