CVE-2008-1447 Information

Description

The DNS protocol as implemented in (1) BIND 8 and 9 before 9.5.0-P1 9.4.2-P1 and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4 XP SP2 and SP3 and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers related to insufficient randomness of DNS transaction IDs and source ports aka \DNS Insufficient Socket Entropy Vulnerability\ or \the Kaminsky bug.\

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

Reference

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368 http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://marc.info/?l=bugtraq&m=121630706004256&w=2 http://marc.info/?l=bugtraq&m=121866517322103&w=2 http://marc.info/?l=bugtraq&m=123324863916385&w=2 http://marc.info/?l=bugtraq&m=141879471518471&w=2 http://rhn.redhat.com/errata/RHSA-2008-0533.html http://secunia.com/advisories/30925 http://secunia.com/advisories/30973 http://secunia.com/advisories/30977 http://secunia.com/advisories/30979 http://secunia.com/advisories/30980 http://secunia.com/advisories/30988 http://secunia.com/advisories/30989 http://secunia.com/advisories/30998 http://secunia.com/advisories/31011 http://secunia.com/advisories/31012 http://secunia.com/advisories/31014 http://secunia.com/advisories/31019 http://secunia.com/advisories/31022 http://secunia.com/advisories/31030 http://secunia.com/advisories/31031 http://secunia.com/advisories/31033 http://secunia.com/advisories/31052 http://secunia.com/advisories/31065 http://secunia.com/advisories/31072 http://secunia.com/advisories/31093 http://secunia.com/advisories/31094 http://secunia.com/advisories/31137 http://secunia.com/advisories/31143 http://secunia.com/advisories/31151 http://secunia.com/advisories/31152 http://secunia.com/advisories/31153 http://secunia.com/advisories/31169 http://secunia.com/advisories/31197 http://secunia.com/advisories/31199 http://secunia.com/advisories/31204 http://secunia.com/advisories/31207 http://secunia.com/advisories/31209 http://secunia.com/advisories/31212 http://secunia.com/advisories/31213 http://secunia.com/advisories/31221 http://secunia.com/advisories/31236 http://secunia.com/advisories/31237 http://secunia.com/advisories/31254 http://secunia.com/advisories/31326 http://secunia.com/advisories/31354 http://secunia.com/advisories/31422 http://secunia.com/advisories/31430 http://secunia.com/advisories/31451 http://secunia.com/advisories/31482 http://secunia.com/advisories/31495 http://secunia.com/advisories/31588 http://secunia.com/advisories/31687 http://secunia.com/advisories/31823 http://secunia.com/advisories/31882 http://secunia.com/advisories/31900 http://secunia.com/advisories/33178 http://secunia.com/advisories/33714 http://secunia.com/advisories/33786 http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc http://security.gentoo.org/glsa/glsa-200807-08.xml http://security.gentoo.org/glsa/glsa-200812-17.xml http://security.gentoo.org/glsa/glsa-201209-25.xml http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1 http://support.apple.com/kb/HT3026 http://support.apple.com/kb/HT3129 http://support.citrix.com/article/CTX117991 http://support.citrix.com/article/CTX118183 http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152 http://up2date.astaro.com/2008/08/up2date_7202_released.html http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231 http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018 http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning http://www.caughq.org/exploits/CAU-EX-2008-0002.txt http://www.caughq.org/exploits/CAU-EX-2008-0003.txt http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml http://www.debian.org/security/2008/dsa-1603 http://www.debian.org/security/2008/dsa-1604 http://www.debian.org/security/2008/dsa-1605 http://www.debian.org/security/2008/dsa-1619 http://www.debian.org/security/2008/dsa-1623 http://www.doxpara.com/?p=1176 http://www.doxpara.com/DMK_BO2K8.ppt http://www.ibm.com/support/docview.wss?uid=isg1IZ26667 http://www.ibm.com/support/docview.wss?uid=isg1IZ26668 http://www.ibm.com/support/docview.wss?uid=isg1IZ26669 http://www.ibm.com/support/docview.wss?uid=isg1IZ26670 http://www.ibm.com/support/docview.wss?uid=isg1IZ26671 http://www.ibm.com/support/docview.wss?uid=isg1IZ26672 http://www.ipcop.org/index.php?name=News&file=article&sid=40 http://www.isc.org/index.pl?/sw/bind/bind-security.php http://www.kb.cert.org/vuls/id/800113 http://www.kb.cert.org/vuls/id/MIMG-7DWR4J http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q http://www.mandriva.com/security/advisories?name=MDVSA-2008:139 http://www.nominum.com/asset_upload_file741_2661.pdf http://www.novell.com/support/viewContent.do?externalId=7000912 http://www.openbsd.org/errata42.html013_bind http://www.openbsd.org/errata43.html004_bind http://www.phys.uu.nl/~rombouts/pdnsd.html http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog http://www.redhat.com/support/errata/RHSA-2008-0789.html http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ http://www.securityfocus.com/archive/1/495289/100/0/threaded http://www.securityfocus.com/archive/1/495869/100/0/threaded http://www.securityfocus.com/bid/30131 http://www.securitytracker.com/id?1020437 http://www.securitytracker.com/id?1020438 http://www.securitytracker.com/id?1020440 http://www.securitytracker.com/id?1020448 http://www.securitytracker.com/id?1020449 http://www.securitytracker.com/id?1020548 http://www.securitytracker.com/id?1020558 http://www.securitytracker.com/id?1020560 http://www.securitytracker.com/id?1020561 http://www.securitytracker.com/id?1020575 http://www.securitytracker.com/id?1020576 http://www.securitytracker.com/id?1020577 http://www.securitytracker.com/id?1020578 http://www.securitytracker.com/id?1020579 http://www.securitytracker.com/id?1020651 http://www.securitytracker.com/id?1020653 http://www.securitytracker.com/id?1020702 http://www.securitytracker.com/id?1020802 http://www.securitytracker.com/id?1020804 http://www.ubuntu.com/usn/usn-622-1 http://www.ubuntu.com/usn/usn-627-1 http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html http://www.us-cert.gov/cas/techalerts/TA08-190A.html http://www.us-cert.gov/cas/techalerts/TA08-190B.html http://www.us-cert.gov/cas/techalerts/TA08-260A.html http://www.vmware.com/security/advisories/VMSA-2008-0014.html http://www.vupen.com/english/advisories/2008/2019/references http://www.vupen.com/english/advisories/2008/2023/references http://www.vupen.com/english/advisories/2008/2025/references http://www.vupen.com/english/advisories/2008/2029/references http://www.vupen.com/english/advisories/2008/2030/references http://www.vupen.com/english/advisories/2008/2050/references http://www.vupen.com/english/advisories/2008/2051/references http://www.vupen.com/english/advisories/2008/2052/references http://www.vupen.com/english/advisories/2008/2055/references http://www.vupen.com/english/advisories/2008/2092/references http://www.vupen.com/english/advisories/2008/2113/references http://www.vupen.com/english/advisories/2008/2114/references http://www.vupen.com/english/advisories/2008/2123/references http://www.vupen.com/english/advisories/2008/2139/references http://www.vupen.com/english/advisories/2008/2166/references http://www.vupen.com/english/advisories/2008/2195/references http://www.vupen.com/english/advisories/2008/2196/references http://www.vupen.com/english/advisories/2008/2197/references http://www.vupen.com/english/advisories/2008/2268 http://www.vupen.com/english/advisories/2008/2291 http://www.vupen.com/english/advisories/2008/2334 http://www.vupen.com/english/advisories/2008/2342 http://www.vupen.com/english/advisories/2008/2377 http://www.vupen.com/english/advisories/2008/2383 http://www.vupen.com/english/advisories/2008/2384 http://www.vupen.com/english/advisories/2008/2466 http://www.vupen.com/english/advisories/2008/2467 http://www.vupen.com/english/advisories/2008/2482 http://www.vupen.com/english/advisories/2008/2525 http://www.vupen.com/english/advisories/2008/2549 http://www.vupen.com/english/advisories/2008/2558 http://www.vupen.com/english/advisories/2008/2582 http://www.vupen.com/english/advisories/2008/2584 http://www.vupen.com/english/advisories/2009/0297 http://www.vupen.com/english/advisories/2009/0311 http://www.vupen.com/english/advisories/2010/0622 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037 https://exchange.xforce.ibmcloud.com/vulnerabilities/43334 https://exchange.xforce.ibmcloud.com/vulnerabilities/43637 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A12117 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5725 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5761 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5917 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9627 https://www.exploit-db.com/exploits/6122 https://www.exploit-db.com/exploits/6123 https://www.exploit-db.com/exploits/6130 https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

6.8