English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 147413 CVE descriptions
and 71685 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

=========================================================== 
Ubuntu Security Notice USN-627-1              July 22, 2008
dnsmasq vulnerability
CVE-2008-1447
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  dnsmasq-base                    2.41-2ubuntu2.1

After a standard system upgrade you need to restart Dnsmasq to effect
the necessary changes.

Details follow:

Dan Kaminsky discovered weaknesses in the DNS protocol as implemented
by Dnsmasq. A remote attacker could exploit this to spoof DNS entries
and poison DNS caches. Among other things, this could lead to
misdirected email and web traffic.


Updated packages for Ubuntu 8.04 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.diff.gz
      Size/MD5:    22023 89c0f060733a11e414ef1fa634b17149
    http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.dsc
      Size/MD5:      698 e44ebdb66be7abcaba3f1558b9379abb
    http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41.orig.tar.gz
      Size/MD5:   357997 8d0acd6656299a800c4d1be5a1193e39

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1_all.deb
      Size/MD5:    11962 fbe42757babf0522e92a48438cdf7d0b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_amd64.deb
      Size/MD5:   210032 015334862975edd0c6157624b9b4cd6b

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_i386.deb
      Size/MD5:   202466 87bebd172bae955ef2ae8f2de323a737

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_lpia.deb
      Size/MD5:   202996 8938160f148e63de63cad64e2721c6d6

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_powerpc.deb
      Size/MD5:   210320 865aa2d674736978b2b00a8623267fc4

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_sparc.deb
      Size/MD5:   204034 211f90a72d775d1987b6c3179786546f


New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.