PyDNS (aka python-dns) prior to 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote malicious users to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian python-dns 2.3.0-2 |
||
debian python-dns 2.3.0-1 |
||
debian python-dns |
||
debian python-dns 2.3.1-2 |
||
debian python-dns 2.3.1-1 |
||
debian python-dns 2.3.0-5.1 |
||
debian python-dns 2.3.0-4 |
||
debian python-dns 2.3.0-6 |
||
debian python-dns 2.3.0-5 |
||
debian python-dns 2.3.0-3 |