Lucene search
K

40 matches found

RedHat Linux
RedHat Linux
added 2025/11/10 2:50 a.m.5 views

bind: Cache poisoning due to weak PRNG

A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator PRNG. This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS...

8.6CVSS6.1AI score0.00454EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/11/06 3:50 p.m.6 views

bind: Cache poisoning due to weak PRNG

A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator PRNG. This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS...

8.6CVSS6.1AI score0.00454EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/10/22 11:24 p.m.5 views

SUSE CVE-2025-40780

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

8.6CVSS6.8AI score0.00454EPSS
Exploits0References16
NVD
NVD
added 2025/10/22 4:15 p.m.7 views

CVE-2025-40780

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

8.6CVSS0.00454EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/22 4:4 p.m.5 views

CVE-2025-40780

A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator PRNG. This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS...

8.6CVSS6.4AI score0.00454EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/22 3:48 p.m.19 views

CVE-2025-40780 Cache poisoning due to weak PRNG

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

8.6CVSS0.00454EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/10/22 3:48 p.m.2 views

CVE-2025-40780

In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.1...

8.6CVSS6.8AI score0.00454EPSS
Exploits0
CVE
CVE
added 2025/10/22 3:48 p.m.52 views

CVE-2025-40780

CVE-2025-40780 concerns BIND where a weakness in the PRNG can allow an attacker to predict the source port and query ID used by BIND. Connected advisories confirm this affects multiple BIND9 SPANs across releases (e.g., 9.16.x, 9.18.x, 9.20.x, 9.21.x) and related package updates. The root cause i...

8.6CVSS6.3AI score0.00454EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0095

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00844EPSS
Exploits0References6
OSV
OSV
added 2025/02/03 9:17 a.m.4 views

SUSE-SU-2025:20103-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2024-52616: Properly randomize query id of DNS packets bsc1233420. Bug fixes: - No longer supply bogus services to callbacks bsc1226586. - Tag hardening patches as PATCH-FEATURE-OPENSUSE - Remove dependency on /usr/bin/python3 using...

5.3CVSS7.1AI score0.00681EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2023/05/25 10:15 p.m.139 views

CVE-2023-31147

c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand so will generate predictable output. Input from the random number generator i...

6.5CVSS6.7AI score0.00905EPSS
Exploits0References3
Veracode
Veracode
added 2020/04/10 12:15 a.m.37 views

Denial Of Service (DoS)

ISC BIND is vulnerable to denial of service DoS. A flaw was found in the way BIND generates outbound DNS query ids. If an attacker is able to acquire a finite set of query IDs, it becomes possible to accurately predict future query IDs. Future query ID prediction may allow an attacker to conduct ...

4.3CVSS2.8AI score0.1309EPSS
Exploits0References71Affected Software1
Hacker One
Hacker One
added 2016/07/08 4:45 a.m.20 views

Bime: Attacker can access graphic representation of every query

Vulnerability details On a dashboard, widgets can be added to show a graphic representation of a query. These queries come from datasources. When creating a widget, a query ID is given. This query ID can be changed in order to obtain the results of the dataset through a scheduled email. This leak...

1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/04/14 12:0 a.m.7 views

The vulnerability of the microprogrammed software of the N600 DB Belkin F9K1102 allows a hacker to replace the responses to requests.

The vulnerability of the N600 DB Belkin F9K1102 router’s microprogramming software exists due to the use of an incorrect algorithm for selecting the value of the ID in the DNS query header. Exploiting this vulnerability allows a malicious actor to replace the responses to queries by predicting th...

5CVSS7.9AI score0.01343EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.27 views

FreeBSD Security Advisory (FreeBSD-SA-07:07.bind.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:07.bind.asc ADV FreeBSD-SA-07:07.bind.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...

4.3CVSS7.7AI score0.1309EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/11/06 12:0 a.m.32 views

Fedora 7 : bind-9.4.1-7.P1.fc7 (2007-1247)

CVE-2007-2925 - allow-query-cache/allow-recursion default acls not set - workaround - disable recursion or explicitly set allow-query-cache and allow-recursion acls - CVE-2007-2926 - cryptographically weak query id generator - 1 in 8 chance of guessing the next query id for 50% of the query ids -...

5.8CVSS6.6AI score0.1309EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2007/08/27 12:0 a.m.22 views

ISC BIND < 8.4.7-P1 Outgoing Query Predictable DNS Query ID (deprecated)

Binary data 4195.prm...

4.3CVSS7.3AI score0.07585EPSS
Exploits0References2
OSV
OSV
added 2007/07/24 5:30 p.m.9 views

CVE-2007-2926

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...

6.6AI score
Exploits0References67
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.28 views

ISC BIND DNS Query ID Field Prediction Cache Poisoning (deprecated)

Binary data 4578.prm...

6.8CVSS7.3AI score0.95182EPSS
Exploits20References2
CVE
CVE
added 1999/09/29 4:0 a.m.430 views

CVE-1999-0024

CVE-1999-0024 describes a DNS cache-poisoning flaw in BIND caused by predictable DNS query IDs. The connected sources consistently state DNS cache poisoning via BIND, with related discussions in Red Hat/Security advisories and CERT context. The materials do not provide a concrete patch version or...

5CVSS6.7AI score0.04935EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder