Lucene search

[email protected]NVD:CVE-2008-1447

HistoryJul 08, 2008 - 11:41 p.m.

CVE-2008-1447

2008-07-0823:41:00

CWE-331

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

6.3 Medium

AI Score

Confidence

High

0.133 Low

EPSS

Percentile

95.6%

JSON

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka “DNS Insufficient Socket Entropy Vulnerability” or “the Kaminsky bug.”

Affected configurations

NVD

Node

canonicalubuntu_linuxMatch6.06lts

canonicalubuntu_linuxMatch7.04

canonicalubuntu_linuxMatch7.10

canonicalubuntu_linuxMatch8.04lts

ciscoiosMatch12.0

debiandebian_linuxMatch4.0

microsoftwindows_2000sp4

microsoftwindows_server_2003Match-x64

microsoftwindows_server_2003Match-sp1compute_clusteritanium

microsoftwindows_server_2003Match-sp1datacenteritanium

microsoftwindows_server_2003Match-sp1enterpriseitanium

microsoftwindows_server_2003Match-sp1standarditanium

microsoftwindows_server_2003Match-sp1storageitanium

microsoftwindows_server_2003Match-sp2compute_clusteritanium

microsoftwindows_server_2003Match-sp2compute_clusterx64

microsoftwindows_server_2003Match-sp2datacenteritanium

microsoftwindows_server_2003Match-sp2datacenterx64

microsoftwindows_server_2003Match-sp2enterpriseitanium

microsoftwindows_server_2003Match-sp2enterprisex64

microsoftwindows_server_2003Match-sp2standarditanium

microsoftwindows_server_2003Match-sp2standardx64

microsoftwindows_server_2003Match-sp2storageitanium

microsoftwindows_server_2003Match-sp2storagex64

microsoftwindows_xpsp2

microsoftwindows_xpMatch--professionalx64

microsoftwindows_xpMatch-sp3

redhatenterprise_linuxMatch2.1as

redhatenterprise_linuxMatch2.1es

redhatenterprise_linuxMatch2.1ws

redhatenterprise_linuxMatch5client

redhatenterprise_linuxMatch5client_workstation

redhatenterprise_linuxMatch5.0

AND

iscbindMatch4

iscbindMatch8

iscbindMatch9.2.9

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc

blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html

bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368

lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

lists.apple.com/archives/security-announce//2008/Sep/msg00003.html

lists.apple.com/archives/security-announce//2008/Sep/msg00004.html

lists.apple.com/archives/security-announce//2008/Sep/msg00005.html

lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html

lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html

lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

marc.info/?l=bugtraq&m=121630706004256&w=2

marc.info/?l=bugtraq&m=121866517322103&w=2

marc.info/?l=bugtraq&m=123324863916385&w=2

marc.info/?l=bugtraq&m=141879471518471&w=2

rhn.redhat.com/errata/RHSA-2008-0533.html

secunia.com/advisories/30925

secunia.com/advisories/30973

secunia.com/advisories/30977

secunia.com/advisories/30979

secunia.com/advisories/30980

secunia.com/advisories/30988

secunia.com/advisories/30989

secunia.com/advisories/30998

secunia.com/advisories/31011

secunia.com/advisories/31012

secunia.com/advisories/31014

secunia.com/advisories/31019

secunia.com/advisories/31022

secunia.com/advisories/31030

secunia.com/advisories/31031

secunia.com/advisories/31033

secunia.com/advisories/31052

secunia.com/advisories/31065

secunia.com/advisories/31072

secunia.com/advisories/31093

secunia.com/advisories/31094

secunia.com/advisories/31137

secunia.com/advisories/31143

secunia.com/advisories/31151

secunia.com/advisories/31152

secunia.com/advisories/31153

secunia.com/advisories/31169

secunia.com/advisories/31197

secunia.com/advisories/31199

secunia.com/advisories/31204

secunia.com/advisories/31207

secunia.com/advisories/31209

secunia.com/advisories/31212

secunia.com/advisories/31213

secunia.com/advisories/31221

secunia.com/advisories/31236

secunia.com/advisories/31237

secunia.com/advisories/31254

secunia.com/advisories/31326

secunia.com/advisories/31354

secunia.com/advisories/31422

secunia.com/advisories/31430

secunia.com/advisories/31451

secunia.com/advisories/31482

secunia.com/advisories/31495

secunia.com/advisories/31588

secunia.com/advisories/31687

secunia.com/advisories/31823

secunia.com/advisories/31882

secunia.com/advisories/31900

secunia.com/advisories/33178

secunia.com/advisories/33714

secunia.com/advisories/33786

security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc

security.gentoo.org/glsa/glsa-200807-08.xml

security.gentoo.org/glsa/glsa-200812-17.xml

security.gentoo.org/glsa/glsa-201209-25.xml

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239

sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1

sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1

support.apple.com/kb/HT3026

support.apple.com/kb/HT3129

support.citrix.com/article/CTX117991

support.citrix.com/article/CTX118183

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152

up2date.astaro.com/2008/08/up2date_7202_released.html

wiki.rpath.com/wiki/Advisories:rPSA-2008-0231

wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

www.bluecoat.com/support/security-advisories/dns_cache_poisoning

www.caughq.org/exploits/CAU-EX-2008-0002.txt

www.caughq.org/exploits/CAU-EX-2008-0003.txt

www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml

www.debian.org/security/2008/dsa-1603

www.debian.org/security/2008/dsa-1604

www.debian.org/security/2008/dsa-1605

www.debian.org/security/2008/dsa-1619

www.debian.org/security/2008/dsa-1623

www.doxpara.com/?p=1176

www.doxpara.com/DMK_BO2K8.ppt

www.ibm.com/support/docview.wss?uid=isg1IZ26667

www.ibm.com/support/docview.wss?uid=isg1IZ26668

www.ibm.com/support/docview.wss?uid=isg1IZ26669

www.ibm.com/support/docview.wss?uid=isg1IZ26670

www.ibm.com/support/docview.wss?uid=isg1IZ26671

www.ibm.com/support/docview.wss?uid=isg1IZ26672

www.ipcop.org/index.php?name=News&file=article&sid=40

www.isc.org/index.pl?/sw/bind/bind-security.php

www.kb.cert.org/vuls/id/800113

www.kb.cert.org/vuls/id/MIMG-7DWR4J

www.kb.cert.org/vuls/id/MIMG-7ECL8Q

www.mandriva.com/security/advisories?name=MDVSA-2008:139

www.nominum.com/asset_upload_file741_2661.pdf

www.novell.com/support/viewContent.do?externalId=7000912

www.openbsd.org/errata42.html#013_bind

www.openbsd.org/errata43.html#004_bind

www.phys.uu.nl/~rombouts/pdnsd.html

www.phys.uu.nl/~rombouts/pdnsd/ChangeLog

www.redhat.com/support/errata/RHSA-2008-0789.html

www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html

www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

www.securityfocus.com/archive/1/495289/100/0/threaded

www.securityfocus.com/archive/1/495869/100/0/threaded

www.securityfocus.com/bid/30131

www.securitytracker.com/id?1020437

www.securitytracker.com/id?1020438

www.securitytracker.com/id?1020440

www.securitytracker.com/id?1020448

www.securitytracker.com/id?1020449

www.securitytracker.com/id?1020548

www.securitytracker.com/id?1020558

www.securitytracker.com/id?1020560

www.securitytracker.com/id?1020561

www.securitytracker.com/id?1020575

www.securitytracker.com/id?1020576

www.securitytracker.com/id?1020577

www.securitytracker.com/id?1020578

www.securitytracker.com/id?1020579

www.securitytracker.com/id?1020651

www.securitytracker.com/id?1020653

www.securitytracker.com/id?1020702

www.securitytracker.com/id?1020802

www.securitytracker.com/id?1020804

www.ubuntu.com/usn/usn-622-1

www.ubuntu.com/usn/usn-627-1

www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html

www.us-cert.gov/cas/techalerts/TA08-190A.html

www.us-cert.gov/cas/techalerts/TA08-190B.html

www.us-cert.gov/cas/techalerts/TA08-260A.html

www.vmware.com/security/advisories/VMSA-2008-0014.html

www.vupen.com/english/advisories/2008/2019/references

www.vupen.com/english/advisories/2008/2023/references

www.vupen.com/english/advisories/2008/2025/references

www.vupen.com/english/advisories/2008/2029/references

www.vupen.com/english/advisories/2008/2030/references

www.vupen.com/english/advisories/2008/2050/references

www.vupen.com/english/advisories/2008/2051/references

www.vupen.com/english/advisories/2008/2052/references

www.vupen.com/english/advisories/2008/2055/references

www.vupen.com/english/advisories/2008/2092/references

www.vupen.com/english/advisories/2008/2113/references

www.vupen.com/english/advisories/2008/2114/references

www.vupen.com/english/advisories/2008/2123/references

www.vupen.com/english/advisories/2008/2139/references

www.vupen.com/english/advisories/2008/2166/references

www.vupen.com/english/advisories/2008/2195/references

www.vupen.com/english/advisories/2008/2196/references

www.vupen.com/english/advisories/2008/2197/references

www.vupen.com/english/advisories/2008/2268

www.vupen.com/english/advisories/2008/2291

www.vupen.com/english/advisories/2008/2334

www.vupen.com/english/advisories/2008/2342

www.vupen.com/english/advisories/2008/2377

www.vupen.com/english/advisories/2008/2383

www.vupen.com/english/advisories/2008/2384

www.vupen.com/english/advisories/2008/2466

www.vupen.com/english/advisories/2008/2467

www.vupen.com/english/advisories/2008/2482

www.vupen.com/english/advisories/2008/2525

www.vupen.com/english/advisories/2008/2549

www.vupen.com/english/advisories/2008/2558

www.vupen.com/english/advisories/2008/2582

www.vupen.com/english/advisories/2008/2584

www.vupen.com/english/advisories/2009/0297

www.vupen.com/english/advisories/2009/0311

www.vupen.com/english/advisories/2010/0622

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037

exchange.xforce.ibmcloud.com/vulnerabilities/43334

exchange.xforce.ibmcloud.com/vulnerabilities/43637

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627

www.exploit-db.com/exploits/6122

www.exploit-db.com/exploits/6123

www.exploit-db.com/exploits/6130

www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

6.3 Medium

AI Score

Confidence

High

0.133 Low

EPSS

Percentile

95.6%

JSON

CVE-2008-1447

Affected configurations

References

Related