what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2007-2926

Status Candidate

Overview

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.

Related Files

HP Security Bulletin HPSBOV03226 2
Posted Jan 30, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03226 2 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. NOTE: These vulnerabilities impact OpenVMS TCP/IP BIND servers only. No update is required for BIND clients. Revision 2 of this advisory.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2006-4096, CVE-2007-2926, CVE-2008-1447, CVE-2009-0025, CVE-2011-4313, CVE-2012-4244
SHA-256 | 4935d3f1fb7ea8e8542d5095cd4cb2b982b905b4752fdda66d72da48b1f6e88d
HP Security Bulletin HPSBOV03226 1
Posted Dec 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03226 1 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2006-4096, CVE-2007-2926, CVE-2008-1447, CVE-2009-0025, CVE-2011-4313, CVE-2012-4244
SHA-256 | 1857a5c488eb234718c79babaf33fe34e2dcf8b047d172d2c3860ec769591b8e
HP Security Bulletin 2007-14.49
Posted Sep 25, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been reported with HP OpenVMS when running BIND version 9.2.1 or BIND version 9.3.1. The vulnerability could be exploited remotely to cause DNS cache poisoning.

tags | advisory
advisories | CVE-2007-2926
SHA-256 | a09bb19b0c9c8af48d1806be27cd1696888c513b5a7c7255717f872f8899b441
Gentoo Linux Security Advisory 200708-13
Posted Aug 20, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-13 - Amit Klein from Trusteer reported that the random number generator of ISC BIND leads, half the time, to predictable (1 chance to 8) query IDs in the resolver routine or in zone transfer queries. Additionally, the default configuration file has been strengthen with respect to the allow-recursion{} and the allow-query{} options. Versions less than 9.4.1_p1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-2925, CVE-2007-2926
SHA-256 | 5da141c36e04d27b30083b6e175c74631ce6cba67656598621238778516c2f70
HP Security Bulletin 2007-14.49
Posted Aug 8, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to poison the DNS cache.

tags | advisory
systems | hpux
advisories | CVE-2007-2926
SHA-256 | d938f8755a2b2e12e0b9d6384c695b73abab4ee365c4eb74e0f96fd31d576393
FreeBSD-SA-07-07.bind.txt
Posted Aug 8, 2007
Site security.freebsd.org

FreeBSD Security Advisory - An attacker who can see the query id for some request(s) sent by named(8) is likely to be able to perform DNS cache poisoning by predicting the query id for other request(s).

tags | advisory
systems | freebsd
advisories | CVE-2007-2926
SHA-256 | 85b9dc46bf51bf97e6c2530765f1006e835e54646ea613fdacc90affeb633d73
Debian Linux Security Advisory 1341-2
Posted Jul 28, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1341-2 - Amit Klein discovered that the BIND name server generates predictable DNS query IDs, which may lead to cache poisoning attacks.

tags | advisory
systems | linux, debian
advisories | CVE-2007-2926
SHA-256 | a5b2214deba9352dcd74154909bb246ee3cd56b4ed5a3a778239c15f311a5715
Mandriva Linux Security Advisory 2007.149
Posted Jul 26, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The DNS query id generation code in BIND9 is vulnerable to cryptographic analysis which provides a 1-in-8 change of guessing the next query ID for 50% of the query IDs, which could be used by a remote attacker to perform cache poisoning by an attacker. As well, in BIND9 9.4.x, the default ACLs were note being correctly set, which could allow anyone to make recursive queries and/or query the cache contents.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2007-2926, CVE-2007-2925
SHA-256 | 6b86dfec16962004867daf39c7cfdac46f389704063d633f444e270dcfe9bb1b
Debian Linux Security Advisory 1341-1
Posted Jul 26, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1341-1 - Amit Klein discovered that the BIND name server generates predictable DNS query IDs, which may lead to cache poisoning attacks.

tags | advisory
systems | linux, debian
advisories | CVE-2007-2926
SHA-256 | 88410bd247777324f4bc7b4a5f630f56927bb335206462a9bc6b463559bd8022
Ubuntu Security Notice 491-1
Posted Jul 26, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 491-1 - A flaw was discovered in Bind's sequence number generator. A remote attacker could calculate future sequence numbers and send forged DNS query responses. This could lead to client connections being directed to attacker-controlled hosts, resulting in credential theft and other attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2007-2926
SHA-256 | bff534758165f1f2510a0d68e2038678636558282c0ef43fb9ce4fc837514132
OpenPKG Security Advisory 2007.22
Posted Jul 26, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - BIND 9 versions 9.4.1-P1 and below suffer from multiple vulnerabilities that allow for recursive queries and cache poisoning.

tags | advisory, vulnerability
advisories | CVE-2007-2925, CVE-2007-2926
SHA-256 | c368a04ffba7fa0bd16a6fd660ba328818e7e86d86faf603e8fd15ff53b9f706
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close