Ubuntu Security Notice USN-627-1 July 22, 2008==========20================================================= dnsmasq vulnerability CVE-2008-1447 ========================================================== A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.04 LTS: dnsmasq-base 2.41-2ubuntu2.1
After a standard system upgrade you need to restart Dnsmasq to effect the necessary changes.
Details follow:
Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq. A remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.