NVD

Id
3100  
Name
CVE-2008-3217  
Description
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-07-18  
Modified Date
2008-09-10  
Seq
2008-3217  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
19698 3100 CVE-2008-3217 http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-6  View
19699 3100 CVE-2008-3217 http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179  View
19700 3100 CVE-2008-3217 [oss-security] 20080709 CVE request: PowerDNS recursor source port randomization  View
19701 3100 CVE-2008-3217 [oss-security] 20080710 Re: DNS vulnerability: other relevant software  View
19702 3100 CVE-2008-3217 [oss-security] 20080716 Re: CVE request: PowerDNS recursor source port randomization  View
19703 3100 CVE-2008-3217 30782  View
19704 3100 CVE-2008-3217 powerdns-recursor-rng-weak-security(43925)  View
19705 3100 CVE-2008-3217 FEDORA-2008-6893  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
50725 JVNDB-2008-006035 PowerDNS Recursor における DNS を偽装される脆弱性 PowerDNS Recursor は、ソースポート選択に強度の高い乱数ジェネレータを使用しないため、DNS を偽装される脆弱性が存在します。 CVE-2008-3217 33330 CVE-2008-3217 3100 6.8 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-006035.html 2008-04-25 2012-12-20 View