Unrated severityNVD Advisory· Published Jul 18, 2008· Updated Apr 23, 2026
CVE-2008-3217
CVE-2008-3217
Description
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of security improvements associated with addressing CVE-2008-1637.
Affected products
7cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*range: <=3.1.5
- cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:powerdns:recursor:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:powerdns:recursor:3.1.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179nvdPatch
- doc.powerdns.com/changelog.htmlnvd
- secunia.com/advisories/31311nvd
- www.openwall.com/lists/oss-security/2008/07/09/10nvd
- www.openwall.com/lists/oss-security/2008/07/10/6nvd
- www.openwall.com/lists/oss-security/2008/07/16/12nvd
- www.securityfocus.com/bid/30782nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/43925nvd
- www.redhat.com/archives/fedora-package-announce/2008-July/msg01353.htmlnvd
News mentions
0No linked articles in our index yet.