CVE-2008-5133

Name of the Vulnerable Software and Affected Versions Sun Solaris versions prior to snv 96 Multiple Cisco products (affected versions not specified)

Description The issue allows remote attackers to bypass an intended protection mechanism and spoof the responses to DNS queries sent by named, when running on a DNS server with Network Address Translation (NAT) configured. This is due to the improper change of the source port of a packet when the destination port is the DNS port. Additionally, the use of insufficiently randomized DNS transaction IDs and UDP source ports in DNS queries may allow an attacker to more easily forge DNS answers that can poison DNS caches.

Recommendations For Sun Solaris versions prior to snv 96: Update to a version after snv 96 to resolve the issue. For Multiple Cisco products: At the moment, there is no information about a newer version that contains a fix for this vulnerability.