CVE-2007-2926

MEDIUM

Description

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.

References

ftp://aix.software.ibm.com/aix/efixes/security/README

ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc

http://docs.info.apple.com/article.html?artnum=307041

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368

http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html

http://marc.info/?l=bugtraq&m=141879471518471&w=2

http://secunia.com/advisories/26148

http://secunia.com/advisories/26152

http://secunia.com/advisories/26160

http://secunia.com/advisories/26180

http://secunia.com/advisories/26195

http://secunia.com/advisories/26217

http://secunia.com/advisories/26227

http://secunia.com/advisories/26231

http://secunia.com/advisories/26236

http://secunia.com/advisories/26261

http://secunia.com/advisories/26308

http://secunia.com/advisories/26330

http://secunia.com/advisories/26509

http://secunia.com/advisories/26515

http://secunia.com/advisories/26531

http://secunia.com/advisories/26605

http://secunia.com/advisories/26607

http://secunia.com/advisories/26847

http://secunia.com/advisories/26925

http://secunia.com/advisories/27643

http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc

http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1

http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903

http://www.debian.org/security/2007/dsa-1341

http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml

http://www.isc.org/index.pl?/sw/bind/bind-security.php

http://www.kb.cert.org/vuls/id/252735

http://www.mandriva.com/security/advisories?name=MDKSA-2007:149

http://www.novell.com/linux/security/advisories/2007_47_bind.html

http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html

http://www.redhat.com/support/errata/RHSA-2007-0740.html

http://www.securiteam.com/securitynews/5VP0L0UM0A.html

http://www.securityfocus.com/archive/1/474516/100/0/threaded

http://www.securityfocus.com/archive/1/474545/100/0/threaded

http://www.securityfocus.com/archive/1/474808/100/0/threaded

http://www.securityfocus.com/archive/1/474856/100/0/threaded

http://www.securityfocus.com/bid/25037

http://www.securityfocus.com/bid/26444

http://www.securitytracker.com/id?1018442

http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385

http://www.trusteer.com/docs/bind9dns.html

http://www.trusteer.com/docs/bind9dns_s.html

http://www.trustix.org/errata/2007/0023/

http://www.ubuntu.com/usn/usn-491-1

http://www.us-cert.gov/cas/techalerts/TA07-319A.html

http://www.vupen.com/english/advisories/2007/2627

http://www.vupen.com/english/advisories/2007/2662

http://www.vupen.com/english/advisories/2007/2782

http://www.vupen.com/english/advisories/2007/2914

http://www.vupen.com/english/advisories/2007/2932

http://www.vupen.com/english/advisories/2007/3242

http://www.vupen.com/english/advisories/2007/3868

http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only

http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only

https://exchange.xforce.ibmcloud.com/vulnerabilities/35575

https://issues.rpath.com/browse/RPL-1587

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226

Details

Source: MITRE

Published: 2007-07-24

Updated: 2018-10-30

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (57 total)

IDNameProductFamilySeverity
147379NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Multiple Vulnerabilities (NS-SA-2021-0017)NessusNewStart CGSL Local Security Checks
critical
140364Solaris 10 (x86) : 119784-46NessusSolaris Local Security Checks
medium
140363Solaris 10 (sparc) : 119783-46NessusSolaris Local Security Checks
medium
138427Solaris 10 (x86) : 119784-45NessusSolaris Local Security Checks
medium
138421Solaris 10 (sparc) : 119783-45NessusSolaris Local Security Checks
medium
137170OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021)NessusOracleVM Local Security Checks
critical
135440Solaris 10 (x86) : 119784-44NessusSolaris Local Security Checks
medium
135434Solaris 10 (sparc) : 119783-44NessusSolaris Local Security Checks
medium
129874Solaris 10 (x86) : 119784-43NessusSolaris Local Security Checks
medium
129870Solaris 10 (sparc) : 119783-43NessusSolaris Local Security Checks
medium
126726Solaris 10 (x86) : 119784-42NessusSolaris Local Security Checks
medium
126716Solaris 10 (sparc) : 119783-42NessusSolaris Local Security Checks
medium
121180Solaris 10 (x86) : 119784-41NessusSolaris Local Security Checks
medium
121174Solaris 10 (sparc) : 119783-41NessusSolaris Local Security Checks
medium
107845Solaris 10 (x86) : 119784-40NessusSolaris Local Security Checks
medium
107844Solaris 10 (x86) : 119784-39NessusSolaris Local Security Checks
medium
107843Solaris 10 (x86) : 119784-38NessusSolaris Local Security Checks
medium
107842Solaris 10 (x86) : 119784-37NessusSolaris Local Security Checks
medium
107841Solaris 10 (x86) : 119784-36NessusSolaris Local Security Checks
medium
107840Solaris 10 (x86) : 119784-33NessusSolaris Local Security Checks
medium
107839Solaris 10 (x86) : 119784-32NessusSolaris Local Security Checks
medium
107838Solaris 10 (x86) : 119784-31NessusSolaris Local Security Checks
medium
107837Solaris 10 (x86) : 119784-30NessusSolaris Local Security Checks
medium
107836Solaris 10 (x86) : 119784-29NessusSolaris Local Security Checks
medium
107835Solaris 10 (x86) : 119784-25NessusSolaris Local Security Checks
medium
107342Solaris 10 (sparc) : 119783-40NessusSolaris Local Security Checks
medium
107341Solaris 10 (sparc) : 119783-39NessusSolaris Local Security Checks
medium
107340Solaris 10 (sparc) : 119783-38NessusSolaris Local Security Checks
medium
107339Solaris 10 (sparc) : 119783-37NessusSolaris Local Security Checks
medium
107338Solaris 10 (sparc) : 119783-36NessusSolaris Local Security Checks
medium
107337Solaris 10 (sparc) : 119783-33NessusSolaris Local Security Checks
medium
107336Solaris 10 (sparc) : 119783-32NessusSolaris Local Security Checks
medium
107335Solaris 10 (sparc) : 119783-31NessusSolaris Local Security Checks
medium
107334Solaris 10 (sparc) : 119783-30NessusSolaris Local Security Checks
medium
107333Solaris 10 (sparc) : 119783-29NessusSolaris Local Security Checks
medium
107332Solaris 10 (sparc) : 119783-25NessusSolaris Local Security Checks
medium
99569OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)NessusOracleVM Local Security Checks
critical
67554Oracle Linux 3 / 4 / 5 : bind (ELSA-2007-0740)NessusOracle Linux Local Security Checks
medium
60231Scientific Linux Security Update : bind on SL5.x, SL4.x, SL3.x i386/x86_64NessusScientific Linux Local Security Checks
medium
54868Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 : bind (SSA:2007-207-01)NessusSlackware Local Security Checks
medium
41147SuSE9 Security Update : SLES9-SP4: Security update for bind (YOU Patch Number 11717)NessusSuSE Local Security Checks
medium
29388SuSE 10 Security Update : bind,bind-devel,bind-utils (ZYPP Patch Number 3976)NessusSuSE Local Security Checks
medium
4284Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)Nessus Network MonitorOperating System Detection
critical
28212Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)NessusMacOS X Local Security Checks
critical
28093Ubuntu 6.06 LTS / 6.10 / 7.04 : bind9 vulnerability (USN-491-1)NessusUbuntu Local Security Checks
medium
27707Fedora 7 : bind-9.4.1-7.P1.fc7 (2007-1247)NessusFedora Local Security Checks
medium
27168openSUSE 10 Security Update : bind (bind-3964)NessusSuSE Local Security Checks
medium
26139HP-UX PHNE_36973 : HP-UX Running BIND, Remote DNS Cache Poisoning (HPSBUX02251 SSRT071449 rev.3)NessusHP-UX Local Security Checks
medium
25919GLSA-200708-13 : BIND: Weak random number generationNessusGentoo Local Security Checks
medium
25851Debian DSA-1341-2 : bind9 - design errorNessusDebian Local Security Checks
medium
25834FreeBSD : FreeBSD -- Predictable query ids in named(8) (3de342fb-40be-11dc-aeac-02e0185f8d72)NessusFreeBSD Local Security Checks
medium
4147ISC BIND < 9.5.0a6 Multiple VulnerabilitiesNessus Network MonitorDNS Servers
medium
25797RHEL 2.1 / 3 / 4 / 5 : bind (RHSA-2007:0740)NessusRed Hat Local Security Checks
medium
25795Mandrake Linux Security Advisory : bind (MDKSA-2007:149)NessusMandriva Local Security Checks
medium
25778CentOS 3 / 4 / 5 : bind (CESA-2007:0740)NessusCentOS Local Security Checks
medium
25542Solaris 10 (x86) : 119784-40 (deprecated)NessusSolaris Local Security Checks
medium
25541Solaris 10 (sparc) : 119783-40 (deprecated)NessusSolaris Local Security Checks
medium