// For flags

CVE-2007-2926

BIND 9 0.3beta - DNS Cache Poisoning

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.

ISC BIND 9 hasta 9.5.0a5 utiliza un número aleatorio debil a lo largo de la generación de la consulta DNS ids cuando se responde la pregunta a resolver o enviando mensajes NOTIFY a servidores de nombre esclavos, lo cual hace más fácil para atacantes remotos para adivinar la siguiente consulta id y llevar a cabo envenenamientos de la cache DNS.

Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. NOTE: These vulnerabilities impact OpenVMS TCP/IP BIND servers only. No update is required for BIND clients. Revision 2 of this advisory.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-05-30 CVE Reserved
  • 2007-07-24 CVE Published
  • 2007-08-07 First Exploit
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (70)
URL Tag Source
ftp://aix.software.ibm.com/aix/efixes/security/README X_refsource_confirm
http://docs.info.apple.com/article.html?artnum=307041 X_refsource_confirm
http://secunia.com/advisories/26148 Third Party Advisory
http://secunia.com/advisories/26160 Third Party Advisory
http://secunia.com/advisories/26180 Third Party Advisory
http://secunia.com/advisories/26195 Third Party Advisory
http://secunia.com/advisories/26217 Third Party Advisory
http://secunia.com/advisories/26227 Third Party Advisory
http://secunia.com/advisories/26231 Third Party Advisory
http://secunia.com/advisories/26236 Third Party Advisory
http://secunia.com/advisories/26261 Third Party Advisory
http://secunia.com/advisories/26308 Third Party Advisory
http://secunia.com/advisories/26330 Third Party Advisory
http://secunia.com/advisories/26509 Third Party Advisory
http://secunia.com/advisories/26515 Third Party Advisory
http://secunia.com/advisories/26531 Third Party Advisory
http://secunia.com/advisories/26605 Third Party Advisory
http://secunia.com/advisories/26607 Third Party Advisory
http://secunia.com/advisories/26847 Third Party Advisory
http://secunia.com/advisories/26925 Third Party Advisory
http://secunia.com/advisories/27643 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm X_refsource_confirm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903 X_refsource_confirm
http://www.isc.org/index.pl?/sw/bind/bind-security.php X_refsource_confirm
http://www.kb.cert.org/vuls/id/252735 Third Party Advisory
http://www.securiteam.com/securitynews/5VP0L0UM0A.html X_refsource_misc
http://www.securityfocus.com/archive/1/474516/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/474545/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/474808/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/474856/100/0/threaded Mailing List
http://www.securityfocus.com/bid/25037 Vdb Entry
http://www.securityfocus.com/bid/26444 Vdb Entry
http://www.securitytracker.com/id?1018442 Vdb Entry
http://www.trusteer.com/docs/bind9dns.html X_refsource_misc
http://www.trusteer.com/docs/bind9dns_s.html X_refsource_misc
http://www.us-cert.gov/cas/techalerts/TA07-319A.html Third Party Advisory
http://www.vupen.com/english/advisories/2007/2627 Vdb Entry
http://www.vupen.com/english/advisories/2007/2662 Vdb Entry
http://www.vupen.com/english/advisories/2007/2782 Vdb Entry
http://www.vupen.com/english/advisories/2007/2914 Vdb Entry
http://www.vupen.com/english/advisories/2007/2932 Vdb Entry
http://www.vupen.com/english/advisories/2007/3242 Vdb Entry
http://www.vupen.com/english/advisories/2007/3868 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/35575 Vdb Entry
https://issues.rpath.com/browse/RPL-1587 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226 Signature
URL Date SRC
https://www.exploit-db.com/exploits/4266 2007-08-07
URL Date SRC
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc 2018-10-30
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426 2018-10-30
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600 2018-10-30
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368 2018-10-30
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html 2018-10-30
http://marc.info/?l=bugtraq&m=141879471518471&w=2 2018-10-30
http://secunia.com/advisories/26152 2018-10-30
http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc 2018-10-30
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1 2018-10-30
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only 2018-10-30
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only 2018-10-30
http://www.debian.org/security/2007/dsa-1341 2018-10-30
http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml 2018-10-30
http://www.mandriva.com/security/advisories?name=MDKSA-2007:149 2018-10-30
http://www.novell.com/linux/security/advisories/2007_47_bind.html 2018-10-30
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html 2018-10-30
http://www.redhat.com/support/errata/RHSA-2007-0740.html 2018-10-30
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385 2018-10-30
http://www.trustix.org/errata/2007/0023 2018-10-30
http://www.ubuntu.com/usn/usn-491-1 2018-10-30
https://access.redhat.com/security/cve/CVE-2007-2926 2007-07-24
https://bugzilla.redhat.com/show_bug.cgi?id=248851 2007-07-24
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.0
Search vendor "Isc" for product "Bind" and version "9.0"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.1
Search vendor "Isc" for product "Bind" and version "9.1"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.2
Search vendor "Isc" for product "Bind" and version "9.2"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.3
Search vendor "Isc" for product "Bind" and version "9.3"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.4
Search vendor "Isc" for product "Bind" and version "9.4"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5
Search vendor "Isc" for product "Bind" and version "9.5"
-
Affected
Isc
Search vendor "Isc"
 Bind
Search vendor "Isc" for product "Bind"
 9.5.0
Search vendor "Isc" for product "Bind" and version "9.5.0"
-
Affected