CVE-2008-1447

MEDIUM

Description

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc

http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368

http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html

http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html

http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html

http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html

http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

http://marc.info/?l=bugtraq&m=121630706004256&w=2

http://marc.info/?l=bugtraq&m=121866517322103&w=2

http://marc.info/?l=bugtraq&m=123324863916385&w=2

http://marc.info/?l=bugtraq&m=141879471518471&w=2

http://rhn.redhat.com/errata/RHSA-2008-0533.html

http://secunia.com/advisories/30925

http://secunia.com/advisories/30973

http://secunia.com/advisories/30977

http://secunia.com/advisories/30979

http://secunia.com/advisories/30980

http://secunia.com/advisories/30988

http://secunia.com/advisories/30989

http://secunia.com/advisories/30998

http://secunia.com/advisories/31011

http://secunia.com/advisories/31012

http://secunia.com/advisories/31014

http://secunia.com/advisories/31019

http://secunia.com/advisories/31022

http://secunia.com/advisories/31030

http://secunia.com/advisories/31031

http://secunia.com/advisories/31033

http://secunia.com/advisories/31052

http://secunia.com/advisories/31065

http://secunia.com/advisories/31072

http://secunia.com/advisories/31093

http://secunia.com/advisories/31094

http://secunia.com/advisories/31137

http://secunia.com/advisories/31143

http://secunia.com/advisories/31151

http://secunia.com/advisories/31152

http://secunia.com/advisories/31153

http://secunia.com/advisories/31169

http://secunia.com/advisories/31197

http://secunia.com/advisories/31199

http://secunia.com/advisories/31204

http://secunia.com/advisories/31207

http://secunia.com/advisories/31209

http://secunia.com/advisories/31212

http://secunia.com/advisories/31213

http://secunia.com/advisories/31221

http://secunia.com/advisories/31236

http://secunia.com/advisories/31237

http://secunia.com/advisories/31254

http://secunia.com/advisories/31326

http://secunia.com/advisories/31354

http://secunia.com/advisories/31422

http://secunia.com/advisories/31430

http://secunia.com/advisories/31451

http://secunia.com/advisories/31482

http://secunia.com/advisories/31495

http://secunia.com/advisories/31588

http://secunia.com/advisories/31687

http://secunia.com/advisories/31823

http://secunia.com/advisories/31882

http://secunia.com/advisories/31900

http://secunia.com/advisories/33178

http://secunia.com/advisories/33714

http://secunia.com/advisories/33786

http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc

http://security.gentoo.org/glsa/glsa-200807-08.xml

http://security.gentoo.org/glsa/glsa-200812-17.xml

http://security.gentoo.org/glsa/glsa-201209-25.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239

http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1

http://support.apple.com/kb/HT3026

http://support.apple.com/kb/HT3129

http://support.citrix.com/article/CTX117991

http://support.citrix.com/article/CTX118183

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152

http://up2date.astaro.com/2008/08/up2date_7202_released.html

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231

http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning

http://www.caughq.org/exploits/CAU-EX-2008-0002.txt

http://www.caughq.org/exploits/CAU-EX-2008-0003.txt

http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml

http://www.debian.org/security/2008/dsa-1603

http://www.debian.org/security/2008/dsa-1604

http://www.debian.org/security/2008/dsa-1605

http://www.debian.org/security/2008/dsa-1619

http://www.debian.org/security/2008/dsa-1623

http://www.doxpara.com/?p=1176

http://www.doxpara.com/DMK_BO2K8.ppt

http://www.ibm.com/support/docview.wss?uid=isg1IZ26667

http://www.ibm.com/support/docview.wss?uid=isg1IZ26668

http://www.ibm.com/support/docview.wss?uid=isg1IZ26669

http://www.ibm.com/support/docview.wss?uid=isg1IZ26670

http://www.ibm.com/support/docview.wss?uid=isg1IZ26671

http://www.ibm.com/support/docview.wss?uid=isg1IZ26672

http://www.ipcop.org/index.php?name=News&file=article&sid=40

http://www.isc.org/index.pl?/sw/bind/bind-security.php

http://www.kb.cert.org/vuls/id/800113

http://www.kb.cert.org/vuls/id/MIMG-7DWR4J

http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q

http://www.mandriva.com/security/advisories?name=MDVSA-2008:139

http://www.nominum.com/asset_upload_file741_2661.pdf

http://www.novell.com/support/viewContent.do?externalId=7000912

http://www.openbsd.org/errata42.html#013_bind

http://www.openbsd.org/errata43.html#004_bind

http://www.phys.uu.nl/~rombouts/pdnsd.html

http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog

http://www.redhat.com/support/errata/RHSA-2008-0789.html

http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html

http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

http://www.securityfocus.com/archive/1/495289/100/0/threaded

http://www.securityfocus.com/archive/1/495869/100/0/threaded

http://www.securityfocus.com/bid/30131

http://www.securitytracker.com/id?1020437

http://www.securitytracker.com/id?1020438

http://www.securitytracker.com/id?1020440

http://www.securitytracker.com/id?1020448

http://www.securitytracker.com/id?1020449

http://www.securitytracker.com/id?1020548

http://www.securitytracker.com/id?1020558

http://www.securitytracker.com/id?1020560

http://www.securitytracker.com/id?1020561

http://www.securitytracker.com/id?1020575

http://www.securitytracker.com/id?1020576

http://www.securitytracker.com/id?1020577

http://www.securitytracker.com/id?1020578

http://www.securitytracker.com/id?1020579

http://www.securitytracker.com/id?1020651

http://www.securitytracker.com/id?1020653

http://www.securitytracker.com/id?1020702

http://www.securitytracker.com/id?1020802

http://www.securitytracker.com/id?1020804

http://www.ubuntu.com/usn/usn-622-1

http://www.ubuntu.com/usn/usn-627-1

http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html

http://www.us-cert.gov/cas/techalerts/TA08-190A.html

http://www.us-cert.gov/cas/techalerts/TA08-190B.html

http://www.us-cert.gov/cas/techalerts/TA08-260A.html

http://www.vmware.com/security/advisories/VMSA-2008-0014.html

http://www.vupen.com/english/advisories/2008/2019/references

http://www.vupen.com/english/advisories/2008/2023/references

http://www.vupen.com/english/advisories/2008/2025/references

http://www.vupen.com/english/advisories/2008/2029/references

http://www.vupen.com/english/advisories/2008/2030/references

http://www.vupen.com/english/advisories/2008/2050/references

http://www.vupen.com/english/advisories/2008/2051/references

http://www.vupen.com/english/advisories/2008/2052/references

http://www.vupen.com/english/advisories/2008/2055/references

http://www.vupen.com/english/advisories/2008/2092/references

http://www.vupen.com/english/advisories/2008/2113/references

http://www.vupen.com/english/advisories/2008/2114/references

http://www.vupen.com/english/advisories/2008/2123/references

http://www.vupen.com/english/advisories/2008/2139/references

http://www.vupen.com/english/advisories/2008/2166/references

http://www.vupen.com/english/advisories/2008/2195/references

http://www.vupen.com/english/advisories/2008/2196/references

http://www.vupen.com/english/advisories/2008/2197/references

http://www.vupen.com/english/advisories/2008/2268

http://www.vupen.com/english/advisories/2008/2291

http://www.vupen.com/english/advisories/2008/2334

http://www.vupen.com/english/advisories/2008/2342

http://www.vupen.com/english/advisories/2008/2377

http://www.vupen.com/english/advisories/2008/2383

http://www.vupen.com/english/advisories/2008/2384

http://www.vupen.com/english/advisories/2008/2466

http://www.vupen.com/english/advisories/2008/2467

http://www.vupen.com/english/advisories/2008/2482

http://www.vupen.com/english/advisories/2008/2525

http://www.vupen.com/english/advisories/2008/2549

http://www.vupen.com/english/advisories/2008/2558

http://www.vupen.com/english/advisories/2008/2582

http://www.vupen.com/english/advisories/2008/2584

http://www.vupen.com/english/advisories/2009/0297

http://www.vupen.com/english/advisories/2009/0311

http://www.vupen.com/english/advisories/2010/0622

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037

https://exchange.xforce.ibmcloud.com/vulnerabilities/43334

https://exchange.xforce.ibmcloud.com/vulnerabilities/43637

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627

https://www.exploit-db.com/exploits/6122

https://www.exploit-db.com/exploits/6123

https://www.exploit-db.com/exploits/6130

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html

https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html

Details

Source: MITRE

Published: 2008-07-08

Updated: 2019-09-27

Type: CWE-331

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM