Amit Klein found that the random number generator used by the BIND name server to compute DNS query IDs generates predictable values. Remote attackers could exploit this flaw to conduct DNS cache poisoning attacks (CVE-2007-2926).
There is no known workaround, please install the update packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SUSE Linux Enterprise Server | 10.1 | ia64 | bind-utils | < 9.3.4-1.16 | bind-utils-9.3.4-1.16.ia64.rpm |
SUSE Linux Enterprise SDK | 10 | i586 | bind | < 9.3.4-1.16 | bind-9.3.4-1.16.i586.rpm |
openSUSE | 10.1 | x86_64 | bind-utils | < 9.3.2-17.18 | bind-utils-9.3.2-17.18.x86_64.rpm |
SUSE Linux Enterprise Server | 10.1 | ia64 | bind-libs | < 9.3.4-1.16 | bind-libs-9.3.4-1.16.ia64.rpm |
SUSE Linux Enterprise Server | 10.1 | ppc | bind-libs | < 9.3.4-1.16 | bind-libs-9.3.4-1.16.ppc.rpm |
SUSE Linux Enterprise SDK | 10 | s390x | bind | < 9.3.4-1.16 | bind-9.3.4-1.16.s390x.rpm |
openSUSE | 10.0 | ppc | bind-libs | < 9.3.2-56.3 | bind-libs-9.3.2-56.3.ppc.rpm |
SUSE Linux Enterprise SDK | 10 | x86_64 | bind | < 9.3.4-1.16 | bind-9.3.4-1.16.x86_64.rpm |
openSUSE | 10.2 | x86_64 | bind | < 9.3.2-56.3 | bind-9.3.2-56.3.x86_64.rpm |
openSUSE | 10.1 | i586 | bind | < 9.3.2-17.18 | bind-9.3.2-17.18.i586.rpm |