Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2007-2926
Description:ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
Test IDs: 1.3.6.1.4.1.25623.1.0.58513   1.3.6.1.4.1.25623.1.0.65424   1.3.6.1.4.1.25623.1.0.59766   1.3.6.1.4.1.25623.1.0.58932   1.3.6.1.4.1.25623.1.0.62336   1.3.6.1.4.1.25623.1.0.58816   1.3.6.1.4.1.25623.1.0.59264   1.3.6.1.4.1.25623.1.0.58554   1.3.6.1.4.1.25623.1.0.58512   1.3.6.1.4.1.25623.1.0.58473   1.3.6.1.4.1.25623.1.0.65512   1.3.6.1.4.1.25623.1.0.62335   1.3.6.1.4.1.25623.1.0.59179   1.3.6.1.4.1.25623.1.0.59581   1.3.6.1.4.1.25623.1.0.122672  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-2926
AIX APAR: IZ02218
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only
AIX APAR: IZ02219
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html
BugTraq ID: 25037
http://www.securityfocus.com/bid/25037
BugTraq ID: 26444
http://www.securityfocus.com/bid/26444
Bugtraq: 20070724 "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Google Search)
http://www.securityfocus.com/archive/1/474516/100/0/threaded
Bugtraq: 20070724 Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Google Search)
http://www.securityfocus.com/archive/1/474545/100/0/threaded
Bugtraq: 20070726 Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Google Search)
http://www.securityfocus.com/archive/1/474808/100/0/threaded
Bugtraq: 20070727 Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) (Google Search)
http://www.securityfocus.com/archive/1/474856/100/0/threaded
Cert/CC Advisory: TA07-319A
http://www.us-cert.gov/cas/techalerts/TA07-319A.html
CERT/CC vulnerability note: VU#252735
http://www.kb.cert.org/vuls/id/252735
Debian Security Information: DSA-1341 (Google Search)
http://www.debian.org/security/2007/dsa-1341
FreeBSD Security Advisory: FreeBSD-SA-07:07
http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc
http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml
HPdes Security Advisory: HPSBOV02261
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368
HPdes Security Advisory: HPSBOV03226
http://marc.info/?l=bugtraq&m=141879471518471&w=2
HPdes Security Advisory: HPSBTU02256
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600
HPdes Security Advisory: HPSBUX02251
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426
HPdes Security Advisory: SSRT071449
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426
HPdes Security Advisory: SSRT101004
http://marc.info/?l=bugtraq&m=141879471518471&w=2
http://www.mandriva.com/security/advisories?name=MDKSA-2007:149
http://www.securiteam.com/securitynews/5VP0L0UM0A.html
http://www.trusteer.com/docs/bind9dns.html
http://www.trusteer.com/docs/bind9dns_s.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226
RedHat Security Advisories: RHSA-2007:0740
http://www.redhat.com/support/errata/RHSA-2007-0740.html
http://www.securitytracker.com/id?1018442
http://secunia.com/advisories/26148
http://secunia.com/advisories/26152
http://secunia.com/advisories/26160
http://secunia.com/advisories/26180
http://secunia.com/advisories/26195
http://secunia.com/advisories/26217
http://secunia.com/advisories/26227
http://secunia.com/advisories/26231
http://secunia.com/advisories/26236
http://secunia.com/advisories/26261
http://secunia.com/advisories/26308
http://secunia.com/advisories/26330
http://secunia.com/advisories/26509
http://secunia.com/advisories/26515
http://secunia.com/advisories/26531
http://secunia.com/advisories/26605
http://secunia.com/advisories/26607
http://secunia.com/advisories/26847
http://secunia.com/advisories/26925
http://secunia.com/advisories/27643
SGI Security Advisory: 20070801-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1
SuSE Security Announcement: SUSE-SA:2007:047 (Google Search)
http://www.novell.com/linux/security/advisories/2007_47_bind.html
http://www.trustix.org/errata/2007/0023/
http://www.ubuntu.com/usn/usn-491-1
http://www.vupen.com/english/advisories/2007/2627
http://www.vupen.com/english/advisories/2007/2662
http://www.vupen.com/english/advisories/2007/2782
http://www.vupen.com/english/advisories/2007/2914
http://www.vupen.com/english/advisories/2007/2932
http://www.vupen.com/english/advisories/2007/3242
http://www.vupen.com/english/advisories/2007/3868
XForce ISS Database: isc-bind-queryid-spoofing(35575)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35575




© 1998-2024 E-Soft Inc. All rights reserved.