resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets.
References
Link | Resource |
---|---|
http://git.savannah.gnu.org/cgit/lwip.git/commit/?id=9fb46e120655ac481b2af8f865d5ae56c39b831a | Patch |
http://www.kb.cert.org/vuls/id/210620 | US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2014-11-28T02:00:00
Updated: 2014-11-28T02:57:00
Reserved: 2014-07-10T00:00:00
Link: CVE-2014-4883
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-11-28T02:59:04.677
Modified: 2015-01-08T19:56:52.323
Link: CVE-2014-4883
JSON object: View
Redhat Information
No data.
CWE