CVE-2007-3152 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-3152
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-3152

Description: c-ares before 1.4.0 uses a predictable seed for the random number generator for the DNS Transaction ID field, which might allow remote attackers to spoof DNS responses by guessing the field value.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/34979 SAID Secunia Advisory: SA25579 OSVDB 37171 CONFIRM http://cool.haxx.se/cvs.cgi/curl/ares/CHANGES?rev=HEAD&content-type=text/vnd.viewcvs-markup BID 24386

Return to the previous page.