Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2008-1447

🗓️ 08 Jul 2008 23:00:00Reported by microsoftType 
cve
 cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 315 Views

The DNS protocol allows spoofing of traffic via a birthday attack, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.

Related
Detection
Refs
Social
ReporterTitlePublishedViews
Family
ALT Linux		Security fix for the ALT Linux 5 package ruby version 1.8.7-alt6
12 Aug 200800:00
altlinux
ALT Linux		Security fix for the ALT Linux 8 package bind version 9.3.5-alt2
6 Jun 200800:00
altlinux
ALT Linux		Security fix for the ALT Linux 5 package bind version 9.3.5-alt2
6 Jun 200800:00
altlinux
ALT Linux		Security fix for the ALT Linux 6 package bind version 9.3.5-alt2
6 Jun 200800:00
altlinux
ALT Linux		Security fix for the ALT Linux 9 package bind version 9.3.5-alt2
6 Jun 200800:00
altlinux
0day.today		BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta)
23 Jul 200800:00
zdt
0day.today		BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
24 Jul 200800:00
zdt
0day.today		BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
25 Jul 200800:00
zdt
Tenable Nessus		ISC BIND DNS Query ID Field Prediction Cache Poisoning (deprecated)
18 Aug 200400:00
nessus
Tenable Nessus		DNS Server Source Port 53 Query Usage
22 Jul 200800:00
nessus
Rows per page
NVD
Node
canonicalubuntu_linuxMatch6.06lts
OR
canonicalubuntu_linuxMatch7.04
OR
canonicalubuntu_linuxMatch7.10
OR
canonicalubuntu_linuxMatch8.04lts
OR
ciscoiosMatch12.0
OR
debiandebian_linuxMatch4.0
OR
microsoftwindows_2000sp4
OR
microsoftwindows_server_2003Match-x64
OR
microsoftwindows_server_2003Match-sp1compute_clusteritanium
OR
microsoftwindows_server_2003Match-sp1datacenteritanium
OR
microsoftwindows_server_2003Match-sp1enterpriseitanium
OR
microsoftwindows_server_2003Match-sp1standarditanium
OR
microsoftwindows_server_2003Match-sp1storageitanium
OR
microsoftwindows_server_2003Match-sp2compute_clusteritanium
OR
microsoftwindows_server_2003Match-sp2compute_clusterx64
OR
microsoftwindows_server_2003Match-sp2datacenteritanium
OR
microsoftwindows_server_2003Match-sp2datacenterx64
OR
microsoftwindows_server_2003Match-sp2enterpriseitanium
OR
microsoftwindows_server_2003Match-sp2enterprisex64
OR
microsoftwindows_server_2003Match-sp2standarditanium
OR
microsoftwindows_server_2003Match-sp2standardx64
OR
microsoftwindows_server_2003Match-sp2storageitanium
OR
microsoftwindows_server_2003Match-sp2storagex64
OR
microsoftwindows_xpsp2
OR
microsoftwindows_xpMatch--professionalx64
OR
microsoftwindows_xpMatch-sp3
OR
redhatenterprise_linuxMatch2.1as
OR
redhatenterprise_linuxMatch2.1es
OR
redhatenterprise_linuxMatch2.1ws
OR
redhatenterprise_linuxMatch5client
OR
redhatenterprise_linuxMatch5client_workstation
OR
redhatenterprise_linuxMatch5.0
AND
iscbindMatch4
OR
iscbindMatch8
OR
iscbindMatch9.2.9

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
23 Apr 2026 00:35Current
6.6Medium risk
Vulners AI Score6.6
CVSS 25
CVSS 3.16.8
EPSS0.86288
CWE-331
dnsprotocolspoofingtrafficvulnerabilitykaminsky bugdns insufficient socket entropy vulnerability
315