CVE-2008-4392
PUBLISHED
dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query.
Risk Scores
- EPSS Score: 0.64% (70.9th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:25.10 | djbdns | 0, *, * |
| Ubuntu:22.04:LTS | djbdns | *, 0 |
| Ubuntu:24.04:LTS | djbdns | *, 0 |
| Ubuntu:16.04:LTS | djbdns | 0, 1:1.05-8ubuntu1 |
Exploit Intelligence
- http://www.your.org/dnscache/djbdns.pdf (circl)
- djbdns-soa-spoofing(48807) (circl)
- 33855 (circl)
- 33818 (circl)
- http://www.your.org/dnscache/ (circl)
Timeline
- Feb 19, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2008-4392 third-party-advisory
- http://cr.yp.to/djbdns/forgery.html third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2008-4392 third-party-advisory