Detections
Analytics
Debian DSA-1619-1 : python-dns - DNS response spoofing
medium Nessus Plugin ID 33739
Synopsis
The remote Debian host is missing a security-related update.Description
Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Dan Kaminsky identified a practical vector of DNS response spoofing and cache poisoning, exploiting the limited entropy in a DNS transaction ID and lack of UDP source port randomization in many DNS implementations. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery.The Common Vulnerabilities and Exposures project identifies this class of weakness as CVE-2008-1447 and this specific instance in PyDNS as CVE-2008-4099.
Solution
Upgrade the python-dns package.For the stable distribution (etch), these problems have been fixed in version 2.3.0-5.2+etch1.
See Also
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490217
https://security-tracker.debian.org/tracker/CVE-2008-1447
Plugin Details
Severity: Medium
ID: 33739
File Name: debian_DSA-1619.nasl
Version: 1.31
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 7/28/2008
Updated: 1/4/2021
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
CVSS v2
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P
Vulnerability Information
CPE: cpe:/o:debian:debian_linux:4.0, p-cpe:/a:debian:debian_linux:python-dns
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 7/27/2008
Reference Information
CVE: CVE-2008-1447, CVE-2008-4099, CVE-2008-4194
BID: 30131