Lucene search

ISC BIND generates cryptographically weak DNS query IDs

🗓️ 27 Jul 2007 00:00:00Reported by CERTType

ISC BIND vulnerable to cryptographical analysis, allowing DNS cache poisoning by predicting query IDs. Upgrade to ISC BIND 9.2.8-P1, 9.3.4-P1, 9.4.1-P1, or 9.5.0a6

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 134
OpenVAS	FreeBSD Ports: named	4 Sep 200800:00	–	openvas
OpenVAS	HP-UX Update for BIND HPSBUX02251	5 May 200900:00	–	openvas
OpenVAS	Debian Security Advisory DSA 1341-1 (bind9)	17 Jan 200800:00	–	openvas
OpenVAS	Ubuntu: Security Advisory (USN-491-1)	23 Mar 200900:00	–	openvas
OpenVAS	FreeBSD Ports: named	4 Sep 200800:00	–	openvas
OpenVAS	Oracle: Security Advisory (ELSA-2007-0740)	8 Oct 201500:00	–	openvas
OpenVAS	SLES9: Security update for bind	10 Oct 200900:00	–	openvas
OpenVAS	SLES9: Security update for bind,bind-devel,bind-utils	10 Oct 200900:00	–	openvas
OpenVAS	Fedora Update for bind FEDORA-2007-647	27 Feb 200900:00	–	openvas
OpenVAS	Ubuntu Update for bind9 vulnerability USN-491-1	23 Mar 200900:00	–	openvas

Source	Link
isc	www.isc.org/sw/bind/bind-security.php
trusteer	www.trusteer.com/docs/bind9dns.html
jvn	www.jvn.jp/cert/JVNVU%23252735/index.html
secunia	www.secunia.com/advisories/26195/
milw0rm	www.milw0rm.com/exploits/4266
docs	www.docs.info.apple.com/article.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Jul 2007 00:00Current

7.2High risk

Vulners AI Score7.2

CVSS24.3

EPSS0.18771