PublicDate: 2008-04-02 17:44:00 UTC
Candidate: CVE-2008-1637
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1637
Description:
 PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate
 (1) TRXID values and (2) UDP source port numbers, which makes it easier for
 remote attackers to poison a DNS cache, related to (a) algorithmic
 deficiencies in rand and random functions in external libraries, (b) use of
 a 32-bit seed value, and (c) choice of the time of day as the sole seeding
 information.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_pdns-recursor:
upstream_pdns-recursor: needs-triage
dapper_pdns-recursor: DNE
edgy_pdns-recursor: needed (reached end-of-life)
feisty_pdns-recursor: needed (reached end-of-life)
gutsy_pdns-recursor: needed (reached end-of-life)
hardy_pdns-recursor: released (3.1.4-6ubuntu1)
intrepid_pdns-recursor: released (3.1.4-6ubuntu1)
devel_pdns-recursor: released (3.1.4-6ubuntu1)