CVE-2007-2926
Published: Jul 24, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Tags |
|---|---|
| http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm | x_refsource_CONFIRM |
| http://www.trusteer.com/docs/bind9dns_s.html | x_refsource_MISC |
| 26231 | third-party-advisory, x_refsource_SECUNIA |
| ADV-2007-2932 | vdb-entry, x_refsource_VUPEN |
| HPSBOV03226 | vendor-advisory, x_refsource_HP |
| 26847 | third-party-advisory, x_refsource_SECUNIA |
| IZ02218 | vendor-advisory, x_refsource_AIXAPAR |
| ADV-2007-2914 | vdb-entry, x_refsource_VUPEN |
| RHSA-2007:0740 | vendor-advisory, x_refsource_REDHAT |
| 26217 | third-party-advisory, x_refsource_SECUNIA |
| SSRT101004 | vendor-advisory, x_refsource_HP |
| 26509 | third-party-advisory, x_refsource_SECUNIA |
| HPSBOV02261 | vendor-advisory, x_refsource_HP |
| 26444 | vdb-entry, x_refsource_BID |
| http://www.securiteam.com/securitynews/5VP0L0UM0A.html | x_refsource_MISC |
| HPSBUX02251 | vendor-advisory, x_refsource_HP |
| 26605 | third-party-advisory, x_refsource_SECUNIA |
| 103018 | vendor-advisory, x_refsource_SUNALERT |
| MDKSA-2007:149 | vendor-advisory, x_refsource_MANDRIVA |
| 26607 | third-party-advisory, x_refsource_SECUNIA |
| 20070727 Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) | mailing-list, x_refsource_BUGTRAQ |
| 26148 | third-party-advisory, x_refsource_SECUNIA |
| FreeBSD-SA-07:07 | vendor-advisory, x_refsource_FREEBSD |
| VU#252735 | third-party-advisory, x_refsource_CERT-VN |
| http://www.trusteer.com/docs/bind9dns.html | x_refsource_MISC |
| 26180 | third-party-advisory, x_refsource_SECUNIA |
| GLSA-200708-13 | vendor-advisory, x_refsource_GENTOO |
| 26152 | third-party-advisory, x_refsource_SECUNIA |
| 2007-0023 | vendor-advisory, x_refsource_TRUSTIX |
| http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903 | x_refsource_CONFIRM |
| SSA:2007-207-01 | vendor-advisory, x_refsource_SLACKWARE |
| APPLE-SA-2007-11-14 | vendor-advisory, x_refsource_APPLE |
| http://docs.info.apple.com/article.html?artnum=307041 | x_refsource_CONFIRM |
| 20070724 "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) | mailing-list, x_refsource_BUGTRAQ |
| http://www.isc.org/index.pl?/sw/bind/bind-security.php | x_refsource_CONFIRM |
| IZ02219 | vendor-advisory, x_refsource_AIXAPAR |
| isc-bind-queryid-spoofing(35575) | vdb-entry, x_refsource_XF |
| ADV-2007-2782 | vdb-entry, x_refsource_VUPEN |
| 26227 | third-party-advisory, x_refsource_SECUNIA |
| 26261 | third-party-advisory, x_refsource_SECUNIA |
| ADV-2007-3868 | vdb-entry, x_refsource_VUPEN |
| 25037 | vdb-entry, x_refsource_BID |
| 26515 | third-party-advisory, x_refsource_SECUNIA |
| USN-491-1 | vendor-advisory, x_refsource_UBUNTU |
| 26330 | third-party-advisory, x_refsource_SECUNIA |
| https://issues.rpath.com/browse/RPL-1587 | x_refsource_CONFIRM |
| HPSBTU02256 | vendor-advisory, x_refsource_HP |
| 1018442 | vdb-entry, x_refsource_SECTRACK |
| DSA-1341 | vendor-advisory, x_refsource_DEBIAN |
| 26308 | third-party-advisory, x_refsource_SECUNIA |
| SUSE-SA:2007:047 | vendor-advisory, x_refsource_SUSE |
| ADV-2007-2627 | vdb-entry, x_refsource_VUPEN |
| oval:org.mitre.oval:def:2226 | vdb-entry, signature, x_refsource_OVAL |
| 27643 | third-party-advisory, x_refsource_SECUNIA |
| 26236 | third-party-advisory, x_refsource_SECUNIA |
| ADV-2007-2662 | vdb-entry, x_refsource_VUPEN |
| 26195 | third-party-advisory, x_refsource_SECUNIA |
| ADV-2007-3242 | vdb-entry, x_refsource_VUPEN |
| oval:org.mitre.oval:def:10293 | vdb-entry, signature, x_refsource_OVAL |
| OpenPKG-SA-2007.022 | vendor-advisory, x_refsource_OPENPKG |
| TA07-319A | third-party-advisory, x_refsource_CERT |
| 26925 | third-party-advisory, x_refsource_SECUNIA |
| 26160 | third-party-advisory, x_refsource_SECUNIA |
| 20070724 Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) | mailing-list, x_refsource_BUGTRAQ |
| SSRT071449 | vendor-advisory, x_refsource_HP |
| 20070726 Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) | mailing-list, x_refsource_BUGTRAQ |
| 26531 | third-party-advisory, x_refsource_SECUNIA |