Overview
ISC (Internet Systems Consortiuim) BIND generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches.
Description
From the ISC Bind security page: The DNS query id generation is vulnerable to cryptographic analysis which provides a 1 in 8 chance of guessing the next query id for 50% of the query ids. This can be used to perform cache poisoning by an attacker. |
Impact
A remote attacker could predict DNS query IDs and respond with arbitrary answers, thus poisoning DNS caches. |
Solution
Upgrade or Patch
|
Vendor Information
Debian GNU/Linux Affected
Notified: July 26, 2007 Updated: July 30, 2007
Status
Affected
Vendor Statement
The Debian project has fixed this vulnerability in its stable distribution Debian GNU/Linux 4.0 in version 9.3.4-2etch1 of bind9 and in its old stable distribution Debian GNU/Linux 3.1 in version 9.2.4-1sarge3 of bind9 via Debian Security Advisory 1341 as in
<http://www.debian.org/security/2007/dsa-1341>
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
See http://www.debian.org/security/2007/dsa-1341 for more details.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Fujitsu Affected
Notified: July 26, 2007 Updated: October 01, 2007
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Internet Software Consortium Affected
Updated: July 27, 2007
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
See http://www.isc.org/sw/bind/bind-security.php for more details.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Openwall GNU/*/Linux Affected
Notified: July 26, 2007 Updated: August 08, 2007
Status
Affected
Vendor Statement
This weakness has been corrected for Openwall GNU/*/Linux (Owl) 2.0-stable and Owl-current as of 2007/07/30 by updating the BIND package to version 9.3.4-P1.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Red Hat, Inc. Affected
Notified: July 26, 2007 Updated: July 28, 2007
Status
Affected
Vendor Statement
This issue affected the Bind package as shipped with Red Hat Enterprise Linux 2.1, 4, 4, and 5. Updated packages to correct this issue are available along with our advisories at the URLs below and via Red Hat Network.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
SUSE Linux Affected
Notified: July 26, 2007 Updated: August 03, 2007
Status
Affected
Vendor Statement
SUSE is affected by VU#252735 (CVE-2007-2926) and has released updates for it. Our advisory is at:
http://www.novell.com/linux/security/advisories/2007_47_bind.html
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Sun Microsystems, Inc. Affected
Notified: July 26, 2007 Updated: August 03, 2007
Status
Affected
Vendor Statement
Solaris 10 is affected by this issue. Sun has published Sun Alert 103018 for this issue which is available here:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Ubuntu Affected
Notified: July 26, 2007 Updated: August 06, 2008
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
See http://www.ubuntu.com/usn/usn-491-1 for more details.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
EMC Corporation Not Affected
Notified: July 26, 2007 Updated: July 30, 2007
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Hitachi Not Affected
Notified: July 26, 2007 Updated: July 30, 2007
Status
Not Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Apple Computer, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Conectiva Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Cray Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Engarde Secure Linux Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
F5 Networks, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Fedora Project Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
FreeBSD, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Gentoo Linux Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Hewlett-Packard Company Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
IBM Corporation Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
IBM Corporation (zseries) Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
IBM eServer Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Immunix Communications, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Ingrian Networks, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Juniper Networks, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Mandriva, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Microsoft Corporation Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
MontaVista Software, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
NEC Corporation Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
NetBSD Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Novell, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
OpenBSD Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
QNX, Software Systems, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Silicon Graphics, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Slackware Linux Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Sony Corporation Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
The SCO Group Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Trustix Secure Linux Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Turbolinux Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Unisys Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Wind River Systems, Inc. Unknown
Notified: July 26, 2007 Updated: July 26, 2007
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This vulnerability was reported by ISC who credit Amit Klein from Trusteer.
This document was written by Ryan Giobbi.
Other Information
| CVE IDs: | CVE-2007-2926 |
| Severity Metric: | 3.83 |
| Date Public: | 2007-07-24 |
| Date First Published: | 2007-07-27 |
| Date Last Updated: | 2008-08-06 13:02 UTC |
| Document Revision: | 27 |