GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the products intended role in a trusted environment.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Adns | Gnu | * | 1.4 (including) |
| Adns | Gnu | 0.1 (including) | 0.1 (including) |
| Adns | Gnu | 0.2 (including) | 0.2 (including) |
| Adns | Gnu | 0.3 (including) | 0.3 (including) |
| Adns | Gnu | 0.4 (including) | 0.4 (including) |
| Adns | Gnu | 0.5 (including) | 0.5 (including) |
| Adns | Gnu | 0.6 (including) | 0.6 (including) |
| Adns | Gnu | 0.7 (including) | 0.7 (including) |
| Adns | Gnu | 0.8 (including) | 0.8 (including) |
| Adns | Gnu | 0.9 (including) | 0.9 (including) |
| Adns | Gnu | 1.0 (including) | 1.0 (including) |
| Adns | Gnu | 1.1 (including) | 1.1 (including) |
| Adns | Gnu | 1.2 (including) | 1.2 (including) |
| Adns | Gnu | 1.3 (including) | 1.3 (including) |
| Adns | Ubuntu | dapper | * |
| Adns | Ubuntu | feisty | * |
| Adns | Ubuntu | gutsy | * |
| Adns | Ubuntu | hardy | * |
| Adns | Ubuntu | upstream | * |