[Secure-testing-commits] r9267 - data/CVE
fw at alioth.debian.org
fw at alioth.debian.org
Wed Jul 9 08:55:34 UTC 2008
Author: fw
Date: 2008-07-09 08:55:33 +0000 (Wed, 09 Jul 2008)
New Revision: 9267
Modified:
data/CVE/list
Log:
CVE-2008-1447: add more DNS implementations
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-07-08 23:15:14 UTC (rev 9266)
+++ data/CVE/list 2008-07-09 08:55:33 UTC (rev 9267)
@@ -3628,10 +3628,15 @@
RESERVED
CVE-2008-1448
RESERVED
-CVE-2008-1447
+CVE-2008-1447 [lack of source port randomization in DNS resolvers]
RESERVED
{DSA-1603-1}
- - bind9 1:9.5.0.dfsg-5
+ - bind9 1:9.5.0.dfsg-5 (high)
+ - glibc <unfixed> (medium)
+ - dnsmasq <unfixed> (medium)
+ - pdnsd <unfixed> (medium)
+ NOTE: Unbound and PowerDNS are affected by the underlying protocol issue, but
+ NOTE: already use source port randomization.
CVE-2008-1446
RESERVED
CVE-2008-1445 (Active Directory on Microsoft Windows 2000 Server SP4, XP Professional ...)
More information about the Secure-testing-commits
mailing list