Subject: Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)

Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)

From: Brad House <brad_at_mainstreetsoftworks.com>
Date: Mon, 14 Jul 2008 10:55:54 -0400

If I'm not mistaken, that issue was corrected in v1.4.0:

Initial Patch submitted here:
http://daniel.haxx.se/projects/c-ares/mail/c-ares-archive-2007-05/0013.shtml

Vulnerability Announcement:
http://daniel.haxx.se/projects/c-ares/mail/c-ares-archive-2007-06/0011.shtml

-Brad

Ravi S wrote:
> Does anyone know if c-ares is vulnerable to DNS Cache poisoning
> vulnerability reported here: http://www.linux.com/feature/141080?
>
> Related Links
> -------------
> CERT Vulnerability page: http://www.kb.cert.org/vuls/id/800113
> CVE page: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
>
> --
> --Ravi
> Coming Soon: Signature 2.0 (Beta)
>
Received on 2008-07-14

This message: [ Message body ]
Next message: Ravi S: "Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)"
Previous message: Daniel Stenberg: "Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)"
In reply to: Ravi S: "DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)"
Next in thread: Ravi S: "Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)"
Reply: Ravi S: "Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]