MirBSD: old MirOS News — CVE-2008-1447

old MirOS News

⚠ This page contains old, outdated, obsolete, … historic or WIP content! No warranties e.g. for correctness!

All 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17

CVE-2008-1447

2008-07-08

Tags: security

The CVE-2008-1447 does not, according to various sources, affect systems that randomise their source port. MirOS libc’s integrated resolver, according to some OpenBSD developers, does this, as does DJBDNS. The net/bind mirport is affected, but by using pf(4) to NAT yourself (thanks to Vutral for the suggestion), you can randomise these ports too. According to RUS-CERT, only using DNSSEC is a fix… I wonder if this is truth or advertising for a technique without wide-spread use.

• Kontakt via eMail contact to MirBSD • Impressum & Datenschutzerklärung • This website is (supposed to be) Valid HTML! •

Generated on 2023-07-26 03:17:20 by $MirOS: www/mk/htsconv,v 1.116 2023/07/26 03:09:23 tg Exp $ and $MirOS: www/mk/parser,v 1.33 2018/05/06 13:23:36 tg Exp $ and $MirOS: www/mk/inc2htm,v 1.44 2021/04/24 04:19:09 tg Exp $ from $MirOS: www/data/news.cfg,v 1.13 2021/05/26 22:08:00 tg Exp $ and $MirOS: www/data/news.inc,v 1.179 2023/01/03 17:28:32 tg Exp $ and $MirOS: www/data/wlog-10.inc,v 1.509 2023/01/03 17:28:34 tg Exp $ and $MirOS: www/data/wlog-10-tg.inc,v 1.9 2023/01/03 17:28:33 tg Exp $ and $MirOS: www/data/wlog2018.inc,v 1.8 2023/01/03 17:28:38 tg Exp $ and $MirOS: www/data/wlog2019.inc,v 1.12 2022/05/13 21:52:30 tg Exp $ and $MirOS: www/data/wlog2020.inc,v 1.21 2021/04/24 04:02:15 tg Exp $ and $MirOS: www/data/wlog2021.inc,v 1.7 2023/02/06 02:07:45 tg Exp $