National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2007-2926 Detail

Description

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.

Source:  MITRE      Last Modified:  07/24/2007

Quick Info

CVE Dictionary Entry:
CVE-2007-2926
Original release date:
07/24/2007
Last revised:
10/10/2017
Source:
US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:
4.3 MEDIUM
Vector:
(AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)
Impact Subscore:
2.9
Exploitability Subscore:
8.6
CVSS Version 2 Metrics:
Access Vector:
Network exploitable
Access Complexity:
Medium
Authentication:
Not required to exploit
Impact Type:
Allows unauthorized modification

Vendor Statements (disclaimer)

Official Statement from Red Hat (03/28/2008)

Updates are available for Red Hat Enterprise Linux 2.1, 3, 4, and 5 to correct this issue: http://rhn.redhat.com/errata/RHSA-2007-0740.html

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
ftp://aix.software.ibm.com/aix/efixes/security/README External Source CONFIRM ftp://aix.software.ibm.com/aix/efixes/security/README
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc External Source SGI 20070801-01-P
http://docs.info.apple.com/article.html?artnum=307041 External Source CONFIRM http://docs.info.apple.com/article.html?artnum=307041
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426 External Source HP SSRT071449
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600 External Source HP HPSBTU02256
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368 External Source HP HPSBOV02261
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html External Source APPLE APPLE-SA-2007-11-14
http://marc.info/?l=bugtraq&m=141879471518471&w=2 External Source HP SSRT101004
http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc External Source FREEBSD FreeBSD-SA-07:07
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1 External Source SUNALERT 103018
http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm External Source CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903 External Source CONFIRM http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903
http://www.debian.org/security/2007/dsa-1341 External Source DEBIAN DSA-1341
http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml External Source GENTOO GLSA-200708-13
http://www.isc.org/index.pl?/sw/bind/bind-security.php External Source CONFIRM http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/252735 US Government Resource External Source CERT-VN VU#252735
http://www.mandriva.com/security/advisories?name=MDKSA-2007:149 External Source MANDRIVA MDKSA-2007:149
http://www.novell.com/linux/security/advisories/2007_47_bind.html External Source SUSE SUSE-SA:2007:047
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html External Source OPENPKG OpenPKG-SA-2007.022
http://www.redhat.com/support/errata/RHSA-2007-0740.html External Source REDHAT RHSA-2007:0740
http://www.securiteam.com/securitynews/5VP0L0UM0A.html External Source MISC http://www.securiteam.com/securitynews/5VP0L0UM0A.html
http://www.securityfocus.com/archive/1/474545/100/0/threaded External Source BUGTRAQ 20070724 Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)
http://www.securityfocus.com/archive/1/474856/100/0/threaded External Source BUGTRAQ 20070727 Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)
http://www.securityfocus.com/archive/1/archive/1/474516/100/0/threaded External Source BUGTRAQ 20070724 "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)
http://www.securityfocus.com/archive/1/archive/1/474808/100/0/threaded External Source BUGTRAQ 20070726 Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)
http://www.securityfocus.com/bid/25037 External Source BID 25037
http://www.securityfocus.com/bid/26444 External Source BID 26444
http://www.securitytracker.com/id?1018442 External Source SECTRACK 1018442
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385 External Source SLACKWARE SSA:2007-207-01
http://www.trusteer.com/docs/bind9dns.html External Source MISC http://www.trusteer.com/docs/bind9dns.html
http://www.trusteer.com/docs/bind9dns_s.html External Source MISC http://www.trusteer.com/docs/bind9dns_s.html
http://www.trustix.org/errata/2007/0023/ External Source TRUSTIX 2007-0023
http://www.ubuntu.com/usn/usn-491-1 External Source UBUNTU USN-491-1
http://www.us-cert.gov/cas/techalerts/TA07-319A.html US Government Resource External Source CERT TA07-319A
http://www.vupen.com/english/advisories/2007/2627 External Source VUPEN ADV-2007-2627
http://www.vupen.com/english/advisories/2007/2662 External Source VUPEN ADV-2007-2662
http://www.vupen.com/english/advisories/2007/2782 External Source VUPEN ADV-2007-2782
http://www.vupen.com/english/advisories/2007/2914 External Source VUPEN ADV-2007-2914
http://www.vupen.com/english/advisories/2007/2932 External Source VUPEN ADV-2007-2932
http://www.vupen.com/english/advisories/2007/3242 External Source VUPEN ADV-2007-3242
http://www.vupen.com/english/advisories/2007/3868 External Source VUPEN ADV-2007-3868
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only External Source AIXAPAR IZ02218
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only External Source AIXAPAR IZ02219
https://exchange.xforce.ibmcloud.com/vulnerabilities/35575 External Source XF isc-bind-queryid-spoofing(35575)
https://issues.rpath.com/browse/RPL-1587 External Source CONFIRM https://issues.rpath.com/browse/RPL-1587
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293 External Source OVAL oval:org.mitre.oval:def:10293
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226 External Source OVAL oval:org.mitre.oval:def:2226

References to Check Content

Identifier:
oval:org.mitre.oval:def:10293
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10293
Identifier:
oval:org.mitre.oval:def:2226
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:2226

Technical Details

Vulnerability Type (View All)

Change History 4 change records found - show changes