Executive Summary
Summary | |
---|---|
Title | BIND version 8 generates cryptographically weak DNS query identifiers |
Informations | |||
---|---|---|---|
Name | VU#927905 | First vendor Publication | 2007-08-28 |
Vendor | VU-CERT | Last vendor Modification | 2007-08-28 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#927905BIND version 8 generates cryptographically weak DNS query identifiersOverviewISC BIND version 8 generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches.I. DescriptionThe Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). Version 8 of the BIND software uses a weak algorithm to generate DNS query identifiers. This condition allows an attacker to reliably guess the next query ID, thereby allowing for DNS cache poisoning attacks.ISC states that this bug only affects outgoing queries, generated by BIND 8 to answer questions as a resolver, or when it is looking up data for internal uses, such as when sending NOTIFY messages to slave name servers. Note that although this vulnerability is similar in nature and impact to VU#252735, it is a distinct issue.
can be applied to BIND 8.4.7. The more definitive solution is to upgrade to BIND 9. BIND 8 is being declared "end of life" by ISC due to multiple architectural issues. See ISC's website at http://www.isc.org for more information and assistance. Systems Affected
References
Thanks to the Internet Systems Consortium (ISC) for reporting this vulnerability. ISC, in turn, credits Amit Klein from Trusteer for reporting this issue to them. This document was written by Chad Dougherty.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/927905 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:2154 | |||
Oval ID: | oval:org.mitre.oval:def:2154 | ||
Title: | Security Vulnerability in BIND 8 May Allow Cache Poisoning Attack | ||
Description: | The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors. NOTE: this issue is different from CVE-2007-2926. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-2930 | Version: | 1 |
Platform(s): | Sun Solaris 8 Sun Solaris 9 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-05-05 | Name : HP-UX Update for BIND 8 HPSBUX02289 File : nvt/gb_hp_ux_HPSBUX02289.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
36796 | ISC BIND Outgoing Query Predictable DNS Query ID |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-12-04 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_36185.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote host is missing Sun Security Patch number 114265-23 File : solaris9_x86_114265.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote host is missing Sun Security Patch number 112837-24 File : solaris9_112837.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 109326-24 File : solaris8_109326.nasl - Type : ACT_GATHER_INFO |
2004-07-12 | Name : The remote host is missing Sun Security Patch number 109327-24 File : solaris8_x86_109327.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-04-26 18:28:25 |
|
2013-05-11 12:26:46 |
|