USN-627-1: Dnsmasq vulnerability
22 July 2008
Dnsmasq vulnerability
Releases
Packages
- dnsmasq -
Details
Dan Kaminsky discovered weaknesses in the DNS protocol as implemented
by Dnsmasq. A remote attacker could exploit this to spoof DNS entries
and poison DNS caches. Among other things, this could lead to
misdirected email and web traffic.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 8.04
After a standard system upgrade you need to restart Dnsmasq to effect
the necessary changes.
References
Related notices
- USN-622-1: libdns22, libdns35, libdns21, bind9, libdns32