CVE-2014-4883
lwip < 1.4.1 - DNS Cache Poisoning via Predictable Query IDs and Source Ports
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, do not use random values for the ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets.
References (2)
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/210620
Patch x_refsource_confirm
http://git.savannah.gnu.org/cgit/lwip.git/commit/?id=9fb46e120655ac481b2af8f865d5ae56c39b831a
Scores
EPSS
0.0057
EPSS Percentile
42.6%
Details
CWE
CWE-345
Status
published
Products (1)
lwip_project/lwip
< 1.4.1
Published
Nov 28, 2014
Tracked Since
Feb 18, 2026