(RHSA-2007:0740) Moderate: bind security update

2007-07-24T04:00:00
ID RHSA-2007:0740
Type redhat
Reporter RedHat
Modified 2019-03-22T23:43:48

Description

ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols.

A flaw was found in the way BIND generates outbound DNS query ids. If an attacker is able to acquire a finite set of query IDs, it becomes possible to accurately predict future query IDs. Future query ID prediction may allow an attacker to conduct a DNS cache poisoning attack, which can result in the DNS server returning incorrect client query data. (CVE-2007-2926)

Users of BIND are advised to upgrade to these updated packages, which contain backported patches to correct this issue.