FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-1447

This CVE name corresponds to:

Entered Topic
2008-08-16 ruby -- DNS spoofing vulnerability
2008-07-13 FreeBSD -- DNS cache poisoning

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-1447 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-1447
Phase Assigned(20080321)

Description

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

References

Source Reference
BUGTRAQ 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
BUGTRAQ 20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability
FULLDISC 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
MILW0RM 6122
MILW0RM 6123
MILW0RM 6130
MISC http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html
MISC http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
MISC http://www.doxpara.com/?p=1176
MISC http://www.doxpara.com/DMK_BO2K8.ppt
MISC http://www.nominum.com/asset_upload_file741_2661.pdf
MISC http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
MISC http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
CONFIRM http://www.isc.org/index.pl?/sw/bind/bind-security.php
CONFIRM http://www.kb.cert.org/vuls/id/MIMG-7DWR4J
CONFIRM http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231
CONFIRM http://support.citrix.com/article/CTX117991
CONFIRM http://www.ipcop.org/index.php?name=News&file=article&sid=40
CONFIRM http://up2date.astaro.com/2008/08/up2date_7202_released.html
CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
CONFIRM http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
CONFIRM http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html
CONFIRM http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152
CONFIRM http://www.vmware.com/security/advisories/VMSA-2008-0014.html
CONFIRM http://support.apple.com/kb/HT3129
CONFIRM http://www.phys.uu.nl/~rombouts/pdnsd.html
CONFIRM http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
CONFIRM http://support.apple.com/kb/HT3026
CONFIRM http://support.citrix.com/article/CTX118183
CONFIRM http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q
CONFIRM http://www.novell.com/support/viewContent.do?externalId=7000912
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
AIXAPAR IZ26667
AIXAPAR IZ26668
AIXAPAR IZ26669
AIXAPAR IZ26670
AIXAPAR IZ26671
AIXAPAR IZ26672
APPLE APPLE-SA-2008-07-31
APPLE APPLE-SA-2008-09-09
APPLE APPLE-SA-2008-09-12
APPLE APPLE-SA-2008-09-15
CISCO 20080708 Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
CISCO 20080708 Multiple Cisco Product Vulnerable to DNS Cache Poisoning Attacks
DEBIAN DSA-1603
DEBIAN DSA-1604
DEBIAN DSA-1605
DEBIAN DSA-1619
DEBIAN DSA-1623
FEDORA FEDORA-2008-6256
FEDORA FEDORA-2008-6281
FREEBSD FreeBSD-SA-08:06
GENTOO GLSA-200807-08
GENTOO GLSA-200812-17
GENTOO GLSA-201209-25
HP HPSBUX02351
HP SSRT080058
HP HPSBOV02357
HP HPSBTU02358
HP HPSBMP02404
HP SSRT090014
HP HPSBNS02405
HP SSRT071449
HP HPSBOV03226
HP SSRT101004
MANDRIVA MDVSA-2008:139
MS MS08-037
NETBSD NetBSD-SA2008-009
OPENBSD [4.2] 013: SECURITY FIX: July 23, 2008
OPENBSD [4.3] 004: SECURITY FIX: July 23, 2008
REDHAT RHSA-2008:0533
REDHAT RHSA-2008:0789
SLACKWARE SSA:2008-205-01
SLACKWARE SSA:2008-191
SUNALERT 239392
SUNALERT 240048
SUSE SUSE-SA:2008:033
SUSE SUSE-SR:2008:017
UBUNTU USN-622-1
UBUNTU USN-627-1
CERT TA08-190B
CERT TA08-190A
CERT TA08-260A
CERT-VN VU#800113
BID 30131
OVAL oval:org.mitre.oval:def:5725
OVAL oval:org.mitre.oval:def:5761
OVAL oval:org.mitre.oval:def:5917
OVAL oval:org.mitre.oval:def:9627
OVAL oval:org.mitre.oval:def:12117
VUPEN ADV-2008-2019
VUPEN ADV-2008-2023
VUPEN ADV-2008-2025
VUPEN ADV-2008-2029
VUPEN ADV-2008-2030
VUPEN ADV-2008-2113
VUPEN ADV-2008-2114
VUPEN ADV-2008-2123
VUPEN ADV-2008-2139
VUPEN ADV-2008-2166
VUPEN ADV-2008-2195
VUPEN ADV-2008-2196
VUPEN ADV-2008-2197
VUPEN ADV-2008-2268
VUPEN ADV-2008-2291
VUPEN ADV-2008-2342
VUPEN ADV-2008-2466
VUPEN ADV-2008-2467
VUPEN ADV-2008-2558
VUPEN ADV-2008-2584
VUPEN ADV-2008-2525
VUPEN ADV-2008-2582
VUPEN ADV-2008-2549
VUPEN ADV-2008-2050
VUPEN ADV-2008-2051
VUPEN ADV-2008-2052
VUPEN ADV-2008-2055
VUPEN ADV-2008-2092
VUPEN ADV-2008-2384
VUPEN ADV-2008-2482
VUPEN ADV-2008-2334
VUPEN ADV-2008-2377
VUPEN ADV-2008-2383
VUPEN ADV-2009-0297
VUPEN ADV-2009-0311
SECTRACK 1020438
SECTRACK 1020440
SECTRACK 1020437
SECTRACK 1020558
SECTRACK 1020560
SECTRACK 1020561
SECTRACK 1020575
SECTRACK 1020576
SECTRACK 1020577
SECTRACK 1020578
SECTRACK 1020579
SECTRACK 1020802
SECTRACK 1020651
SECTRACK 1020653
SECTRACK 1020448
SECTRACK 1020449
SECTRACK 1020548
SECTRACK 1020702
SECTRACK 1020804
SECUNIA 31019
SECUNIA 30925
SECUNIA 30973
SECUNIA 30977
SECUNIA 30979
SECUNIA 30980
SECUNIA 30988
SECUNIA 30989
SECUNIA 30998
SECUNIA 31011
SECUNIA 31014
SECUNIA 31031
SECUNIA 31052
SECUNIA 31033
SECUNIA 31094
SECUNIA 31072
SECUNIA 31093
SECUNIA 31143
SECUNIA 31137
SECUNIA 31151
SECUNIA 31152
SECUNIA 31153
SECUNIA 31169
SECUNIA 31209
SECUNIA 31212
SECUNIA 31199
SECUNIA 31197
SECUNIA 31213
SECUNIA 31221
SECUNIA 31207
SECUNIA 31236
SECUNIA 31254
SECUNIA 31204
SECUNIA 31326
SECUNIA 31237
SECUNIA 31354
SECUNIA 31451
SECUNIA 31588
SECUNIA 31687
SECUNIA 31900
SECUNIA 31882
SECUNIA 31823
SECUNIA 31422
SECUNIA 31012
SECUNIA 31022
SECUNIA 31030
SECUNIA 31065
SECUNIA 33178
SECUNIA 31430
SECUNIA 31482
SECUNIA 31495
SECUNIA 33714
SECUNIA 33786
VUPEN ADV-2010-0622
XF win-dns-client-server-spoofing(43334)
XF cisco-multiple-dns-cache-poisoning(43637)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.