CVE-2008-3217

PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.

Published: Jul 18, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3217
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
powerdns / recursor	3.1.2	3.1.2.x
powerdns / recursor	3.0	3.0.x
powerdns / recursor	3.1.1	3.1.1.x
powerdns / recursor	3.0.1	3.0.1.x
powerdns / recursor	3.1.3	3.1.3.x
powerdns / recursor	3.1.4	3.1.4.x
powerdns / recursor	-	3.1.5.x

http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-6
http://secunia.com/advisories/31311
http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179
http://www.openwall.com/lists/oss-security/2008/07/09/10
http://www.openwall.com/lists/oss-security/2008/07/10/6
http://www.openwall.com/lists/oss-security/2008/07/16/12
http://www.securityfocus.com/bid/30782
https://exchange.xforce.ibmcloud.com/vulnerabilities/43925
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01353.html

Vulnerability Database

289,689

CVE-2008-3217