|
 |
|
BIND Predictable DNS Query IDs Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA26152
|
|
|
Release Date:
|
2007-07-24
|
|
Last Update:
|
2007-08-28
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Spoofing
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | ISC BIND 9.2.x
ISC BIND 9.3.x
ISC BIND 9.4.x
|
| | CVE reference: | CVE-2007-2926 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
Amit Klein has reported a vulnerability in BIND, which can be exploited by malicious people to poison the DNS cache.
The vulnerability is caused due to predictable query IDs in outgoing queries (e.g. if BIND works as resolver or when sending NOTIFYs to slaves) and can be exploited to poison the DNS cache when the query ID is guessed.
Reportedly, the chance to guess the next query ID for 50% of the queries (if the query ID is even) is 1 to 8.
The vulnerability is reported in the following versions:
* BIND 9.0 (all versions)
* BIND 9.1 (all versions)
* BIND 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.2.5, 9.2.6, 9.2.7, 9.2.8
* BIND 9.3.0, 9.3.1, 9.3.2, 9.3.3, 9.3.4
* BIND 9.4.0, 9.4.1
* BIND 9.5.0a1, 9.5.0a2, 9.5.0a3, 9.5.0a4, 9.5.0a5
Solution:
Update to BIND 9.2.8-P1, BIND 9.3.4-P1, BIND 9.4.1-P1.
Provided and/or discovered by:
Amit Klein
Changelog:
2007-07-30: Added link to US-CERT.
2007-08-28: Minor corrections.
Original Advisory:
ISC:
http://www.isc.org/index.pl?/sw/bind/bind-security.php
Tusteer:
http://www.trusteer.com/docs/bind9dns_s.html
Other References:
US-CERT VU#252735:
http://www.kb.cert.org/vuls/id/252735
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
9 Related Secunia Security Advisories
|
|
|
1. ISC BIND Query Port DNS Cache Poisoning
|
|
2. ISC BIND libbind "inet_network()" Off-By-One Vulnerability
|
|
3. ISC BIND "query_addsoa" Denial of Service
|
|
4. ISC BIND Denial of Service Vulnerabilities
|
|
5. BIND OpenSSL Vulnerabilities
|
|
6. ISC BIND Denial of Service Vulnerabilities
|
|
7. BIND Zone Transfer TSIG Handling Denial of Service
|
|
8. BIND Validator Denial of Service Vulnerability
|
|
9. ISC BIND Multiple Vulnerabilities
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
