View Full Version : USN-627-1: Dnsmasq vulnerability

July 22nd, 2008, 05:40 PM
Referenced CVEs:

================================================== ========= Ubuntu Security Notice USN-627-1 July 22, 2008 dnsmasq vulnerability CVE-2008-1447 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: dnsmasq-base 2.41-2ubuntu2.1 After a standard system upgrade you need to restart Dnsmasq to effect the necessary changes. Details follow: Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq. A remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.

More... (http://www.ubuntu.com/usn/usn-627-1)