CVE-2008-1447

Published: Jul 8, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

1020438

vdb-entry

x_refsource_SECTRACK

FEDORA-2008-6256

vendor-advisory

x_refsource_FEDORA

SUSE-SR:2008:017

vendor-advisory

x_refsource_SUSE

VU#800113

third-party-advisory

x_refsource_CERT-VN

31137

third-party-advisory

x_refsource_SECUNIA

31430

third-party-advisory

x_refsource_SECUNIA

http://www.kb.cert.org/vuls/id/MIMG-7DWR4J

x_refsource_CONFIRM

31169

third-party-advisory

x_refsource_SECUNIA

http://www.phys.uu.nl/~rombouts/pdnsd.html

x_refsource_CONFIRM

1020702

vdb-entry

x_refsource_SECTRACK

GLSA-201209-25

vendor-advisory

x_refsource_GENTOO

ADV-2008-2052

vdb-entry

x_refsource_VUPEN

1020561

vdb-entry

x_refsource_SECTRACK

http://www.vmware.com/security/advisories/VMSA-2008-0014.html

x_refsource_CONFIRM

HPSBOV03226

vendor-advisory

x_refsource_HP

1020578

vdb-entry

x_refsource_SECTRACK

FreeBSD-SA-08:06

vendor-advisory

x_refsource_FREEBSD

oval:org.mitre.oval:def:9627

vdb-entry

signature

x_refsource_OVAL

1020802

vdb-entry

x_refsource_SECTRACK

HPSBMP02404

vendor-advisory

x_refsource_HP

30131

vdb-entry

x_refsource_BID

[4.2] 013: SECURITY FIX: July 23, 2008

vendor-advisory

x_refsource_OPENBSD

31236

third-party-advisory

x_refsource_SECUNIA

APPLE-SA-2008-09-15

vendor-advisory

x_refsource_APPLE

1020651

vdb-entry

x_refsource_SECTRACK

1020437

vdb-entry

x_refsource_SECTRACK

31209

third-party-advisory

x_refsource_SECUNIA

31012

third-party-advisory

x_refsource_SECUNIA

31151

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2050

vdb-entry

x_refsource_VUPEN

http://support.citrix.com/article/CTX117991

x_refsource_CONFIRM

SSRT101004

vendor-advisory

x_refsource_HP

31237

third-party-advisory

x_refsource_SECUNIA

http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog

x_refsource_CONFIRM

APPLE-SA-2008-07-31

vendor-advisory

x_refsource_APPLE

win-dns-client-server-spoofing(43334)

vdb-entry

x_refsource_XF

31495

third-party-advisory

x_refsource_SECUNIA

6130

exploit

x_refsource_EXPLOIT-DB

20080708 Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

vendor-advisory

x_refsource_CISCO

1020579

vdb-entry

x_refsource_SECTRACK

http://www.nominum.com/asset_upload_file741_2661.pdf

x_refsource_MISC

1020653

vdb-entry

x_refsource_SECTRACK

30998

third-party-advisory

x_refsource_SECUNIA

DSA-1603

vendor-advisory

x_refsource_DEBIAN

ADV-2008-2525

vdb-entry

x_refsource_VUPEN

SUSE-SA:2008:033

vendor-advisory

x_refsource_SUSE

31094

third-party-advisory

x_refsource_SECUNIA

IZ26668

vendor-advisory

x_refsource_AIXAPAR

31687

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2025

vdb-entry

x_refsource_VUPEN

239392

vendor-advisory

x_refsource_SUNALERT

TA08-260A

third-party-advisory

x_refsource_CERT

31588

third-party-advisory

x_refsource_SECUNIA

31019

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2029

vdb-entry

x_refsource_VUPEN

SSRT080058

vendor-advisory

x_refsource_HP

6123

exploit

x_refsource_EXPLOIT-DB

IZ26671

vendor-advisory

x_refsource_AIXAPAR

FEDORA-2008-6281

vendor-advisory

x_refsource_FEDORA

ADV-2008-2268

vdb-entry

x_refsource_VUPEN

ADV-2009-0297

vdb-entry

x_refsource_VUPEN

HPSBUX02351

vendor-advisory

x_refsource_HP

31207

third-party-advisory

x_refsource_SECUNIA

31031

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2584

vdb-entry

x_refsource_VUPEN

31451

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2051

vdb-entry

x_refsource_VUPEN

30977

third-party-advisory

x_refsource_SECUNIA

RHSA-2008:0789

vendor-advisory

x_refsource_REDHAT

ADV-2008-2377

vdb-entry

x_refsource_VUPEN

HPSBNS02405

vendor-advisory

x_refsource_HP

1020558

vdb-entry

x_refsource_SECTRACK

31221

third-party-advisory

x_refsource_SECUNIA

RHSA-2008:0533

vendor-advisory

x_refsource_REDHAT

[4.3] 004: SECURITY FIX: July 23, 2008

vendor-advisory

x_refsource_OPENBSD

1020804

vdb-entry

x_refsource_SECTRACK

31143

third-party-advisory

x_refsource_SECUNIA

20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability

mailing-list

x_refsource_BUGTRAQ

ADV-2008-2195

vdb-entry

x_refsource_VUPEN

ADV-2008-2196

vdb-entry

x_refsource_VUPEN

33714

third-party-advisory

x_refsource_SECUNIA

HPSBTU02358

vendor-advisory

x_refsource_HP

33786

third-party-advisory

x_refsource_SECUNIA

1020448

vdb-entry

x_refsource_SECTRACK

31882

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2384

vdb-entry

x_refsource_VUPEN

IZ26669

vendor-advisory

x_refsource_AIXAPAR

http://up2date.astaro.com/2008/08/up2date_7202_released.html

x_refsource_CONFIRM

ADV-2008-2123

vdb-entry

x_refsource_VUPEN

http://support.apple.com/kb/HT3026

x_refsource_CONFIRM

31014

third-party-advisory

x_refsource_SECUNIA

30979

third-party-advisory

x_refsource_SECUNIA

1020575

vdb-entry

x_refsource_SECTRACK

http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

x_refsource_CONFIRM

ADV-2008-2482

vdb-entry

x_refsource_VUPEN

IZ26672

vendor-advisory

x_refsource_AIXAPAR

http://support.apple.com/kb/HT3129

x_refsource_CONFIRM

DSA-1619

vendor-advisory

x_refsource_DEBIAN

ADV-2008-2166

vdb-entry

x_refsource_VUPEN

31072

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2139

vdb-entry

x_refsource_VUPEN

oval:org.mitre.oval:def:5761

vdb-entry

signature

x_refsource_OVAL

ADV-2008-2092

vdb-entry

x_refsource_VUPEN

31482

third-party-advisory

x_refsource_SECUNIA

IZ26670

vendor-advisory

x_refsource_AIXAPAR

MDVSA-2008:139

vendor-advisory

x_refsource_MANDRIVA

oval:org.mitre.oval:def:5917

vdb-entry

signature

x_refsource_OVAL

30989

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2055

vdb-entry

x_refsource_VUPEN

SSRT071449

vendor-advisory

x_refsource_HP

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152

x_refsource_CONFIRM

http://www.ipcop.org/index.php?name=News&file=article&sid=40

x_refsource_CONFIRM

31065

third-party-advisory

x_refsource_SECUNIA

31254

third-party-advisory

x_refsource_SECUNIA

20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.

mailing-list

x_refsource_BUGTRAQ

http://www.doxpara.com/?p=1176

x_refsource_MISC

USN-627-1

vendor-advisory

x_refsource_UBUNTU

ADV-2010-0622

vdb-entry

x_refsource_VUPEN

1020576

vdb-entry

x_refsource_SECTRACK

http://www.isc.org/index.pl?/sw/bind/bind-security.php

x_refsource_CONFIRM

HPSBOV02357

vendor-advisory

x_refsource_HP

31153

third-party-advisory

x_refsource_SECUNIA

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231

x_refsource_CONFIRM

ADV-2008-2549

vdb-entry

x_refsource_VUPEN

IZ26667

vendor-advisory

x_refsource_AIXAPAR

http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html

x_refsource_CONFIRM

31213

third-party-advisory

x_refsource_SECUNIA

31030

third-party-advisory

x_refsource_SECUNIA

USN-622-1

vendor-advisory

x_refsource_UBUNTU

31033

third-party-advisory

x_refsource_SECUNIA

http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html

x_refsource_MISC

1020440

vdb-entry

x_refsource_SECTRACK

APPLE-SA-2008-09-12

vendor-advisory

x_refsource_APPLE

http://www.doxpara.com/DMK_BO2K8.ppt

x_refsource_MISC

20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.

mailing-list

x_refsource_FULLDISC

DSA-1604

vendor-advisory

x_refsource_DEBIAN

31823

third-party-advisory

x_refsource_SECUNIA

31326

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2558

vdb-entry

x_refsource_VUPEN

6122

exploit

x_refsource_EXPLOIT-DB

oval:org.mitre.oval:def:5725

vdb-entry

signature

x_refsource_OVAL

http://www.caughq.org/exploits/CAU-EX-2008-0003.txt

x_refsource_MISC

cisco-multiple-dns-cache-poisoning(43637)

vdb-entry

x_refsource_XF

ADV-2008-2383

vdb-entry

x_refsource_VUPEN

1020560

vdb-entry

x_refsource_SECTRACK

31900

third-party-advisory

x_refsource_SECUNIA

http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q

x_refsource_CONFIRM

http://support.citrix.com/article/CTX118183

x_refsource_CONFIRM

30925

third-party-advisory

x_refsource_SECUNIA

ADV-2009-0311

vdb-entry

x_refsource_VUPEN

http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

x_refsource_CONFIRM

DSA-1623

vendor-advisory

x_refsource_DEBIAN

ADV-2008-2582

vdb-entry

x_refsource_VUPEN

http://www.caughq.org/exploits/CAU-EX-2008-0002.txt

x_refsource_MISC

DSA-1605

vendor-advisory

x_refsource_DEBIAN

http://www.novell.com/support/viewContent.do?externalId=7000912

x_refsource_CONFIRM

http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning

x_refsource_CONFIRM

ADV-2008-2342

vdb-entry

x_refsource_VUPEN

ADV-2008-2114

vdb-entry

x_refsource_VUPEN

30973

third-party-advisory

x_refsource_SECUNIA

31204

third-party-advisory

x_refsource_SECUNIA

31354

third-party-advisory

x_refsource_SECUNIA

GLSA-200812-17

vendor-advisory

x_refsource_GENTOO

oval:org.mitre.oval:def:12117

vdb-entry

signature

x_refsource_OVAL

33178

third-party-advisory

x_refsource_SECUNIA

30988

third-party-advisory

x_refsource_SECUNIA

APPLE-SA-2008-09-09

vendor-advisory

x_refsource_APPLE

31011

third-party-advisory

x_refsource_SECUNIA

http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html

x_refsource_MISC

ADV-2008-2334

vdb-entry

x_refsource_VUPEN

1020577

vdb-entry

x_refsource_SECTRACK

31422

third-party-advisory

x_refsource_SECUNIA

31197

third-party-advisory

x_refsource_SECUNIA

1020548

vdb-entry

x_refsource_SECTRACK

ADV-2008-2467

vdb-entry

x_refsource_VUPEN

240048

vendor-advisory

x_refsource_SUNALERT

TA08-190B

third-party-advisory

x_refsource_CERT

TA08-190A

third-party-advisory

x_refsource_CERT

GLSA-200807-08

vendor-advisory

x_refsource_GENTOO

31022

third-party-advisory

x_refsource_SECUNIA

SSA:2008-191

vendor-advisory

x_refsource_SLACKWARE

1020449

vdb-entry

x_refsource_SECTRACK

31093

third-party-advisory

x_refsource_SECUNIA

31052

third-party-advisory

x_refsource_SECUNIA

30980

third-party-advisory

x_refsource_SECUNIA

SSA:2008-205-01

vendor-advisory

x_refsource_SLACKWARE

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

x_refsource_CONFIRM

31199

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2030

vdb-entry

x_refsource_VUPEN

ADV-2008-2291

vdb-entry

x_refsource_VUPEN

ADV-2008-2023

vdb-entry

x_refsource_VUPEN

SSRT090014

vendor-advisory

x_refsource_HP

ADV-2008-2466

vdb-entry

x_refsource_VUPEN

MS08-037

vendor-advisory

x_refsource_MS

31212

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2113

vdb-entry

x_refsource_VUPEN

31152

third-party-advisory

x_refsource_SECUNIA

ADV-2008-2019

vdb-entry

x_refsource_VUPEN

ADV-2008-2197

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2008-1447

Description

Affected Products

References