Bug#491809: libc6: DNS spoofing vulnerability [CVE-2008-1447]
* brian m. carlson:
> The glibc stub resolver is vulnerable to CVE-2008-1447, according to DSA
> 1605. Since the vast majority of network-using programs use glibc as a
> resolver, this vulnerability affects virtually any network-using
> program, hence the severity. libc6 should not be released without a fix
> for this problem.
> The vulnerability has been exposed:
I fail to see how this attack has a chance to work against non-caching
stub resolvers like the GNU libc resolver.
However, we're working on a solution.