DescriptionAn issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits.
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.SUSE Bugzilla entry: 1190311 [RESOLVED / INVALID] No SUSE Security Announcements cross referenced.
SUSE Timeline for this CVECVE page created: Thu Aug 19 18:00:20 2021
CVE page last modified: Fri Oct 7 12:51:40 2022