CVE-2008-4392
Published: 19 February 2009
dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query.
Notes
Author | Note |
---|---|
sbeattie | debian attempted to mitigate the issue somewhat in 1:1.05-6 (lucid and newer) but the issue still stands |
Priority
Status
Package | Release | Status |
---|---|---|
djbdns Launchpad, Ubuntu, Debian |
artful |
Ignored
(end of life)
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
dapper |
Does not exist
|
|
disco |
Does not exist
|
|
eoan |
Does not exist
|
|
focal |
Does not exist
|
|
groovy |
Does not exist
|
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jammy |
Needs triage
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
kinetic |
Ignored
(end of life, was needs-triage)
|
|
lucid |
Ignored
(end of life)
|
|
lunar |
Ignored
(end of life, was needs-triage)
|
|
mantic |
Needs triage
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Does not exist
(trusty was needed)
|
|
upstream |
Needs triage
|
|
utopic |
Ignored
(end of life)
|
|
vivid |
Ignored
(end of life)
|
|
wily |
Ignored
(end of life)
|
|
xenial |
Needed
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Ignored
(end of life)
|