DEBIAN-CVE-2008-3217

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2008-3217

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2008-3217.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2008-3217

Upstream

CVE-2008-3217

Published

2008-07-18T16:41:00Z

Modified

2025-11-14T04:01:31.767089Z

Summary

[none]

Details

PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.

References

https://security-tracker.debian.org/tracker/CVE-2008-3217

Affected packages

Debian:11 / pdns-recursor

Package

Name: pdns-recursor
Purl: pkg:deb/debian/pdns-recursor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.7-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / pdns-recursor

Package

Name: pdns-recursor
Purl: pkg:deb/debian/pdns-recursor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.7-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / pdns-recursor

Package

Name: pdns-recursor
Purl: pkg:deb/debian/pdns-recursor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.7-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:14 / pdns-recursor

Package

Name: pdns-recursor
Purl: pkg:deb/debian/pdns-recursor?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.7-1

Ecosystem specific

{
    "urgency": "low"
}