ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols.
A flaw was found in the way BIND generates outbound DNS query ids. If an
attacker is able to acquire a finite set of query IDs, it becomes possible
to accurately predict future query IDs. Future query ID prediction may
allow an attacker to conduct a DNS cache poisoning attack, which can result
in the DNS server returning incorrect client query data. (CVE-2007-2926)
Users of BIND are advised to upgrade to these updated packages, which
contain backported patches to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | ia64 | bind-libs | < 9.3.3-9.0.1.el5 | bind-libs-9.3.3-9.0.1.el5.ia64.rpm |
RedHat | 3 | s390x | bind-devel | < 9.2.4-21.el3 | bind-devel-9.2.4-21.el3.s390x.rpm |
RedHat | 3 | ppc | bind-utils | < 9.2.4-21.el3 | bind-utils-9.2.4-21.el3.ppc.rpm |
RedHat | 4 | i386 | bind-utils | < 9.2.4-27.0.1.el4 | bind-utils-9.2.4-27.0.1.el4.i386.rpm |
RedHat | 5 | ia64 | bind-libbind-devel | < 9.3.3-9.0.1.el5 | bind-libbind-devel-9.3.3-9.0.1.el5.ia64.rpm |
RedHat | 5 | ppc | bind-libbind-devel | < 9.3.3-9.0.1.el5 | bind-libbind-devel-9.3.3-9.0.1.el5.ppc.rpm |
RedHat | 5 | x86_64 | bind-utils | < 9.3.3-9.0.1.el5 | bind-utils-9.3.3-9.0.1.el5.x86_64.rpm |
RedHat | 5 | ppc64 | bind-libbind-devel | < 9.3.3-9.0.1.el5 | bind-libbind-devel-9.3.3-9.0.1.el5.ppc64.rpm |
RedHat | 3 | x86_64 | bind-libs | < 9.2.4-21.el3 | bind-libs-9.2.4-21.el3.x86_64.rpm |
RedHat | 5 | i386 | bind | < 9.3.3-9.0.1.el5 | bind-9.3.3-9.0.1.el5.i386.rpm |