Gentoo Linux Security Advisory GLSA 200708-13 - Amit Klein from Trusteer reported that the random number generator of ISC BIND leads, half the time, to predictable (1 chance to 8) query IDs in the resolver routine or in zone transfer queries. Additionally, the default configuration file has been strengthen with respect to the allow-recursion{} and the allow-query{} options. Versions less than 9.4.1_p1 are affected.
5da141c36e04d27b30083b6e175c74631ce6cba67656598621238778516c2f70
Mandriva Linux Security Advisory - The DNS query id generation code in BIND9 is vulnerable to cryptographic analysis which provides a 1-in-8 change of guessing the next query ID for 50% of the query IDs, which could be used by a remote attacker to perform cache poisoning by an attacker. As well, in BIND9 9.4.x, the default ACLs were note being correctly set, which could allow anyone to make recursive queries and/or query the cache contents.
6b86dfec16962004867daf39c7cfdac46f389704063d633f444e270dcfe9bb1b
OpenPKG Security Advisory - BIND 9 versions 9.4.1-P1 and below suffer from multiple vulnerabilities that allow for recursive queries and cache poisoning.
c368a04ffba7fa0bd16a6fd660ba328818e7e86d86faf603e8fd15ff53b9f706