DEBIAN-CVE-2008-4100
- Source
- https://security-tracker.debian.org/tracker/CVE-2008-4100
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-4100.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2008-4100
- Upstream
- Published
- 2008-09-18T17:59:32.843Z
- Modified
- 2025-11-19T02:04:32.685616Z
- Summary
- [none]
- Details
-
GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the product's intended role in a trusted environment.
- References
Affected packages
Debian:11 / adns
Package
- Name
- adns
- Purl
- pkg:deb/debian/adns?arch=source
Debian:12 / adns
Package
- Name
- adns
- Purl
- pkg:deb/debian/adns?arch=source
Debian:13 / adns
Package
- Name
- adns
- Purl
- pkg:deb/debian/adns?arch=source
Debian:14 / adns
Package
- Name
- adns
- Purl
- pkg:deb/debian/adns?arch=source