csaf_redhat - rhsa-2008

rhsa-2008_0789

Vulnerability from csaf_redhat

Published

2008-08-11 17:02

Modified

2024-09-15 17:23

Summary

Red Hat Security Advisory: dnsmasq security update

Notes

Topic

An updated dnsmasq package that implements UDP source-port randomization is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Details

Dnsmasq is lightweight DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. The dnsmasq DNS resolver used a fixed source UDP port. This could have made DNS spoofing attacks easier. dnsmasq has been updated to use random UDP source ports, helping to make DNS spoofing attacks harder. (CVE-2008-1447) All dnsmasq users are advised to upgrade to this updated package, that upgrades dnsmasq to version 2.45, which resolves this issue.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated dnsmasq package that implements UDP source-port randomization\nis now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Dnsmasq is lightweight DNS forwarder and DHCP server. It is designed to\nprovide DNS and, optionally, DHCP, to a small network.\n\nThe dnsmasq DNS resolver used a fixed source UDP port. This could have made\nDNS spoofing attacks easier. dnsmasq has been updated to use random UDP\nsource ports, helping to make DNS spoofing attacks harder. (CVE-2008-1447)\n\nAll dnsmasq users are advised to upgrade to this updated package, that\nupgrades dnsmasq to version 2.45, which resolves this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0789",
        "url": "https://access.redhat.com/errata/RHSA-2008:0789"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG",
        "url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"
      },
      {
        "category": "external",
        "summary": "449345",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2008/rhsa-2008_0789.json"
      }
    ],
    "title": "Red Hat Security Advisory: dnsmasq security update",
    "tracking": {
      "current_release_date": "2024-09-15T17:23:45+00:00",
      "generator": {
        "date": "2024-09-15T17:23:45+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2008:0789",
      "initial_release_date": "2008-08-11T17:02:00+00:00",
      "revision_history": [
        {
          "date": "2008-08-11T17:02:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-08-11T13:02:04+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-15T17:23:45+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "dnsmasq-0:2.45-1.el5_2.1.src",
                "product": {
                  "name": "dnsmasq-0:2.45-1.el5_2.1.src",
                  "product_id": "dnsmasq-0:2.45-1.el5_2.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq@2.45-1.el5_2.1?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "dnsmasq-0:2.45-1.el5_2.1.x86_64",
                "product": {
                  "name": "dnsmasq-0:2.45-1.el5_2.1.x86_64",
                  "product_id": "dnsmasq-0:2.45-1.el5_2.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq@2.45-1.el5_2.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64",
                "product": {
                  "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64",
                  "product_id": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq-debuginfo@2.45-1.el5_2.1?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "dnsmasq-0:2.45-1.el5_2.1.i386",
                "product": {
                  "name": "dnsmasq-0:2.45-1.el5_2.1.i386",
                  "product_id": "dnsmasq-0:2.45-1.el5_2.1.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq@2.45-1.el5_2.1?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386",
                "product": {
                  "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386",
                  "product_id": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq-debuginfo@2.45-1.el5_2.1?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "dnsmasq-0:2.45-1.el5_2.1.ia64",
                "product": {
                  "name": "dnsmasq-0:2.45-1.el5_2.1.ia64",
                  "product_id": "dnsmasq-0:2.45-1.el5_2.1.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq@2.45-1.el5_2.1?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64",
                "product": {
                  "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64",
                  "product_id": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq-debuginfo@2.45-1.el5_2.1?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "dnsmasq-0:2.45-1.el5_2.1.ppc",
                "product": {
                  "name": "dnsmasq-0:2.45-1.el5_2.1.ppc",
                  "product_id": "dnsmasq-0:2.45-1.el5_2.1.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq@2.45-1.el5_2.1?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc",
                "product": {
                  "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc",
                  "product_id": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq-debuginfo@2.45-1.el5_2.1?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "dnsmasq-0:2.45-1.el5_2.1.s390x",
                "product": {
                  "name": "dnsmasq-0:2.45-1.el5_2.1.s390x",
                  "product_id": "dnsmasq-0:2.45-1.el5_2.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq@2.45-1.el5_2.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x",
                "product": {
                  "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x",
                  "product_id": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/dnsmasq-debuginfo@2.45-1.el5_2.1?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-0:2.45-1.el5_2.1.i386"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-0:2.45-1.el5_2.1.ia64"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-0:2.45-1.el5_2.1.ppc"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-0:2.45-1.el5_2.1.s390x"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-0:2.45-1.el5_2.1.src"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-0:2.45-1.el5_2.1.x86_64"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-0:2.45-1.el5_2.1.i386"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-0:2.45-1.el5_2.1.ia64"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-0:2.45-1.el5_2.1.ppc"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-0:2.45-1.el5_2.1.s390x"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-0:2.45-1.el5_2.1.src"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-0:2.45-1.el5_2.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-0:2.45-1.el5_2.1.x86_64"
        },
        "product_reference": "dnsmasq-0:2.45-1.el5_2.1.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64"
        },
        "product_reference": "dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Dan Kaminsky"
          ]
        }
      ],
      "cve": "CVE-2008-1447",
      "discovery_date": "2008-05-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "449345"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\"",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bind: implement source UDP port randomization (CERT VU#800113)",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client:dnsmasq-0:2.45-1.el5_2.1.i386",
          "5Client:dnsmasq-0:2.45-1.el5_2.1.ia64",
          "5Client:dnsmasq-0:2.45-1.el5_2.1.ppc",
          "5Client:dnsmasq-0:2.45-1.el5_2.1.s390x",
          "5Client:dnsmasq-0:2.45-1.el5_2.1.src",
          "5Client:dnsmasq-0:2.45-1.el5_2.1.x86_64",
          "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386",
          "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64",
          "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc",
          "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x",
          "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64",
          "5Server:dnsmasq-0:2.45-1.el5_2.1.i386",
          "5Server:dnsmasq-0:2.45-1.el5_2.1.ia64",
          "5Server:dnsmasq-0:2.45-1.el5_2.1.ppc",
          "5Server:dnsmasq-0:2.45-1.el5_2.1.s390x",
          "5Server:dnsmasq-0:2.45-1.el5_2.1.src",
          "5Server:dnsmasq-0:2.45-1.el5_2.1.x86_64",
          "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386",
          "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64",
          "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc",
          "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x",
          "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-1447"
        },
        {
          "category": "external",
          "summary": "RHBZ#449345",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-1447",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-1447"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447"
        }
      ],
      "release_date": "2008-07-08T18:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "5Client:dnsmasq-0:2.45-1.el5_2.1.i386",
            "5Client:dnsmasq-0:2.45-1.el5_2.1.ia64",
            "5Client:dnsmasq-0:2.45-1.el5_2.1.ppc",
            "5Client:dnsmasq-0:2.45-1.el5_2.1.s390x",
            "5Client:dnsmasq-0:2.45-1.el5_2.1.src",
            "5Client:dnsmasq-0:2.45-1.el5_2.1.x86_64",
            "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386",
            "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64",
            "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc",
            "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x",
            "5Client:dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64",
            "5Server:dnsmasq-0:2.45-1.el5_2.1.i386",
            "5Server:dnsmasq-0:2.45-1.el5_2.1.ia64",
            "5Server:dnsmasq-0:2.45-1.el5_2.1.ppc",
            "5Server:dnsmasq-0:2.45-1.el5_2.1.s390x",
            "5Server:dnsmasq-0:2.45-1.el5_2.1.src",
            "5Server:dnsmasq-0:2.45-1.el5_2.1.x86_64",
            "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.i386",
            "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ia64",
            "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.ppc",
            "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.s390x",
            "5Server:dnsmasq-debuginfo-0:2.45-1.el5_2.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0789"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "bind: implement source UDP port randomization (CERT VU#800113)"
    }
  ]
}

cve-2008-1447

Vulnerability from cvelistv5

Published

2008-07-08 23:00

Modified

2024-08-07 08:24

Severity

Summary

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

References

URL	Tags
http://www.securitytracker.com/id?1020438	vdb-entry, x_refsource_SECTRACK
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html	vendor-advisory, x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html	vendor-advisory, x_refsource_SUSE
http://www.kb.cert.org/vuls/id/800113	third-party-advisory, x_refsource_CERT-VN
http://secunia.com/advisories/31137	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31430	third-party-advisory, x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/MIMG-7DWR4J	x_refsource_CONFIRM
http://secunia.com/advisories/31169	third-party-advisory, x_refsource_SECUNIA
http://www.phys.uu.nl/~rombouts/pdnsd.html	x_refsource_CONFIRM
http://www.securitytracker.com/id?1020702	vdb-entry, x_refsource_SECTRACK
http://security.gentoo.org/glsa/glsa-201209-25.xml	vendor-advisory, x_refsource_GENTOO
http://www.vupen.com/english/advisories/2008/2052/references	vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1020561	vdb-entry, x_refsource_SECTRACK
http://www.vmware.com/security/advisories/VMSA-2008-0014.html	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141879471518471&w=2	vendor-advisory, x_refsource_HP
http://www.securitytracker.com/id?1020578	vdb-entry, x_refsource_SECTRACK
http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc	vendor-advisory, x_refsource_FREEBSD
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627	vdb-entry, signature, x_refsource_OVAL
http://www.securitytracker.com/id?1020802	vdb-entry, x_refsource_SECTRACK
http://marc.info/?l=bugtraq&m=123324863916385&w=2	vendor-advisory, x_refsource_HP
http://www.securityfocus.com/bid/30131	vdb-entry, x_refsource_BID
http://www.openbsd.org/errata42.html#013_bind	vendor-advisory, x_refsource_OPENBSD
http://secunia.com/advisories/31236	third-party-advisory, x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html	vendor-advisory, x_refsource_APPLE
http://www.securitytracker.com/id?1020651	vdb-entry, x_refsource_SECTRACK
http://www.securitytracker.com/id?1020437	vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/31209	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31012	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31151	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2050/references	vdb-entry, x_refsource_VUPEN
http://support.citrix.com/article/CTX117991	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=141879471518471&w=2	vendor-advisory, x_refsource_HP
http://secunia.com/advisories/31237	third-party-advisory, x_refsource_SECUNIA
http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog	x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html	vendor-advisory, x_refsource_APPLE
https://exchange.xforce.ibmcloud.com/vulnerabilities/43334	vdb-entry, x_refsource_XF
http://secunia.com/advisories/31495	third-party-advisory, x_refsource_SECUNIA
https://www.exploit-db.com/exploits/6130	exploit, x_refsource_EXPLOIT-DB
http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml	vendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id?1020579	vdb-entry, x_refsource_SECTRACK
http://www.nominum.com/asset_upload_file741_2661.pdf	x_refsource_MISC
http://www.securitytracker.com/id?1020653	vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/30998	third-party-advisory, x_refsource_SECUNIA
http://www.debian.org/security/2008/dsa-1603	vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2008/2525	vdb-entry, x_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html	vendor-advisory, x_refsource_SUSE
http://secunia.com/advisories/31094	third-party-advisory, x_refsource_SECUNIA
http://www.ibm.com/support/docview.wss?uid=isg1IZ26668	vendor-advisory, x_refsource_AIXAPAR
http://secunia.com/advisories/31687	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2025/references	vdb-entry, x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1	vendor-advisory, x_refsource_SUNALERT
http://www.us-cert.gov/cas/techalerts/TA08-260A.html	third-party-advisory, x_refsource_CERT
http://secunia.com/advisories/31588	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31019	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2029/references	vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=121630706004256&w=2	vendor-advisory, x_refsource_HP
https://www.exploit-db.com/exploits/6123	exploit, x_refsource_EXPLOIT-DB
http://www.ibm.com/support/docview.wss?uid=isg1IZ26671	vendor-advisory, x_refsource_AIXAPAR
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html	vendor-advisory, x_refsource_FEDORA
http://www.vupen.com/english/advisories/2008/2268	vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2009/0297	vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=121630706004256&w=2	vendor-advisory, x_refsource_HP
http://secunia.com/advisories/31207	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31031	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2584	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/31451	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2051/references	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/30977	third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0789.html	vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2008/2377	vdb-entry, x_refsource_VUPEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368	vendor-advisory, x_refsource_HP
http://www.securitytracker.com/id?1020558	vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/31221	third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2008-0533.html	vendor-advisory, x_refsource_REDHAT
http://www.openbsd.org/errata43.html#004_bind	vendor-advisory, x_refsource_OPENBSD
http://www.securitytracker.com/id?1020804	vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/31143	third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/495289/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2008/2195/references	vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2196/references	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/33714	third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=121866517322103&w=2	vendor-advisory, x_refsource_HP
http://secunia.com/advisories/33786	third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1020448	vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/31882	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2384	vdb-entry, x_refsource_VUPEN
http://www.ibm.com/support/docview.wss?uid=isg1IZ26669	vendor-advisory, x_refsource_AIXAPAR
http://up2date.astaro.com/2008/08/up2date_7202_released.html	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/2123/references	vdb-entry, x_refsource_VUPEN
http://support.apple.com/kb/HT3026	x_refsource_CONFIRM
http://secunia.com/advisories/31014	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/30979	third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1020575	vdb-entry, x_refsource_SECTRACK
http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/2482	vdb-entry, x_refsource_VUPEN
http://www.ibm.com/support/docview.wss?uid=isg1IZ26672	vendor-advisory, x_refsource_AIXAPAR
http://support.apple.com/kb/HT3129	x_refsource_CONFIRM
http://www.debian.org/security/2008/dsa-1619	vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2008/2166/references	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/31072	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2139/references	vdb-entry, x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761	vdb-entry, signature, x_refsource_OVAL
http://www.vupen.com/english/advisories/2008/2092/references	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/31482	third-party-advisory, x_refsource_SECUNIA
http://www.ibm.com/support/docview.wss?uid=isg1IZ26670	vendor-advisory, x_refsource_AIXAPAR
http://www.mandriva.com/security/advisories?name=MDVSA-2008:139	vendor-advisory, x_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917	vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/30989	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2055/references	vdb-entry, x_refsource_VUPEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368	vendor-advisory, x_refsource_HP
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152	x_refsource_CONFIRM
http://www.ipcop.org/index.php?name=News&file=article&sid=40	x_refsource_CONFIRM
http://secunia.com/advisories/31065	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31254	third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/495869/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
http://www.doxpara.com/?p=1176	x_refsource_MISC
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc	vendor-advisory, x_refsource_NETBSD
http://www.ubuntu.com/usn/usn-627-1	vendor-advisory, x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2010/0622	vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1020576	vdb-entry, x_refsource_SECTRACK
http://www.isc.org/index.pl?/sw/bind/bind-security.php	x_refsource_CONFIRM
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520	vendor-advisory, x_refsource_HP
http://secunia.com/advisories/31153	third-party-advisory, x_refsource_SECUNIA
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/2549	vdb-entry, x_refsource_VUPEN
http://www.ibm.com/support/docview.wss?uid=isg1IZ26667	vendor-advisory, x_refsource_AIXAPAR
http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html	x_refsource_CONFIRM
http://secunia.com/advisories/31213	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31030	third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-622-1	vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/31033	third-party-advisory, x_refsource_SECUNIA
http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html	x_refsource_MISC
http://www.securitytracker.com/id?1020440	vdb-entry, x_refsource_SECTRACK
http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html	vendor-advisory, x_refsource_APPLE
http://www.doxpara.com/DMK_BO2K8.ppt	x_refsource_MISC
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html	mailing-list, x_refsource_FULLDISC
http://www.debian.org/security/2008/dsa-1604	vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/31823	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31326	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2558	vdb-entry, x_refsource_VUPEN
https://www.exploit-db.com/exploits/6122	exploit, x_refsource_EXPLOIT-DB
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725	vdb-entry, signature, x_refsource_OVAL
http://www.caughq.org/exploits/CAU-EX-2008-0003.txt	x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/43637	vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2008/2383	vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1020560	vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/31900	third-party-advisory, x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q	x_refsource_CONFIRM
http://support.citrix.com/article/CTX118183	x_refsource_CONFIRM
http://secunia.com/advisories/30925	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/0311	vdb-entry, x_refsource_VUPEN
http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018	x_refsource_CONFIRM
http://www.debian.org/security/2008/dsa-1623	vendor-advisory, x_refsource_DEBIAN
http://www.vupen.com/english/advisories/2008/2582	vdb-entry, x_refsource_VUPEN
http://www.caughq.org/exploits/CAU-EX-2008-0002.txt	x_refsource_MISC
http://www.debian.org/security/2008/dsa-1605	vendor-advisory, x_refsource_DEBIAN
http://www.novell.com/support/viewContent.do?externalId=7000912	x_refsource_CONFIRM
http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/2342	vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2114/references	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/30973	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31204	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31354	third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200812-17.xml	vendor-advisory, x_refsource_GENTOO
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117	vdb-entry, signature, x_refsource_OVAL
http://secunia.com/advisories/33178	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/30988	third-party-advisory, x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html	vendor-advisory, x_refsource_APPLE
http://secunia.com/advisories/31011	third-party-advisory, x_refsource_SECUNIA
http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html	x_refsource_MISC
http://www.vupen.com/english/advisories/2008/2334	vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1020577	vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/31422	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31197	third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1020548	vdb-entry, x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2008/2467	vdb-entry, x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1	vendor-advisory, x_refsource_SUNALERT
http://www.us-cert.gov/cas/techalerts/TA08-190B.html	third-party-advisory, x_refsource_CERT
http://www.us-cert.gov/cas/techalerts/TA08-190A.html	third-party-advisory, x_refsource_CERT
http://security.gentoo.org/glsa/glsa-200807-08.xml	vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/31022	third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239	vendor-advisory, x_refsource_SLACKWARE
http://www.securitytracker.com/id?1020449	vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/31093	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/31052	third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/30980	third-party-advisory, x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680	vendor-advisory, x_refsource_SLACKWARE
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401	x_refsource_CONFIRM
http://secunia.com/advisories/31199	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2030/references	vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2291	vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2023/references	vdb-entry, x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=123324863916385&w=2	vendor-advisory, x_refsource_HP
http://www.vupen.com/english/advisories/2008/2466	vdb-entry, x_refsource_VUPEN
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037	vendor-advisory, x_refsource_MS
http://secunia.com/advisories/31212	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2113/references	vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/31152	third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2008/2019/references	vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2197/references	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website