QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-2930

Back to search

CVE-2007-2930

Published: Sep 12, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors. NOTE: this issue is different from CVE-2007-2926.

VendorProductVersions

n/a

n/a

affected
n/a

References

200859
vendor-advisory
x_refsource_SUNALERT
ADV-2007-3936
vdb-entry
x_refsource_VUPEN
27433
third-party-advisory
x_refsource_SECUNIA
ADV-2007-3192
vdb-entry
x_refsource_VUPEN
ADV-2007-2991
vdb-entry
x_refsource_VUPEN
HPSBUX02289
vendor-advisory
x_refsource_HP
26629
third-party-advisory
x_refsource_SECUNIA
1018615
vdb-entry
x_refsource_SECTRACK
27459
third-party-advisory
x_refsource_SECUNIA
25459
vdb-entry
x_refsource_BID
ADV-2007-3668
vdb-entry
x_refsource_VUPEN
27696
third-party-advisory
x_refsource_SECUNIA
27465
third-party-advisory
x_refsource_SECUNIA
ADV-2007-3639
vdb-entry
x_refsource_VUPEN
26858
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:2154
vdb-entry
signature
x_refsource_OVAL
VU#927905
third-party-advisory
x_refsource_CERT-VN
103063
vendor-advisory
x_refsource_SUNALERT
SSRT071461
vendor-advisory
x_refsource_HP
R-333
third-party-advisory
government-resource
x_refsource_CIAC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now