Oval Definition:oval:org.mitre.oval:def:10293
Revision Date:2013-04-29Version:12
Title:ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
Description:ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2007-2926
Platform(s):CentOS Linux 3
CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • OS Section: RHEL3, CentOS3
  • RHEL3 or CentOS3
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • OR CentOS Linux 3.x
  • AND Configuration section
  • bind-utils is earlier than 20:9.2.4-21.el3
  • OR bind-devel is earlier than 20:9.2.4-21.el3
  • OR bind-chroot is earlier than 20:9.2.4-21.el3
  • OR bind is earlier than 20:9.2.4-21.el3
  • OR bind-libs is earlier than 20:9.2.4-21.el3
  • OR OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • bind-utils is earlier than 20:9.2.4-27.0.1.el4
  • OR bind-devel is earlier than 20:9.2.4-27.0.1.el4
  • OR bind-chroot is earlier than 20:9.2.4-27.0.1.el4
  • OR bind is earlier than 20:9.2.4-27.0.1.el4
  • OR bind-libs is earlier than 20:9.2.4-27.0.1.el4
  • OR OS Section: RHEL5, CentOS5, Oracle Linux 5
  • RHEL5, CentOS5 or Oracle Linux 5
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • OR Oracle Linux 5.x
  • AND Configuration section
  • bind-utils is earlier than 30:9.3.3-9.0.1.el5
  • OR bind-libbind-devel is earlier than 30:9.3.3-9.0.1.el5
  • OR bind-devel is earlier than 30:9.3.3-9.0.1.el5
  • OR bind-chroot is earlier than 30:9.3.3-9.0.1.el5
  • OR caching-nameserver is earlier than 30:9.3.3-9.0.1.el5
  • OR bind-sdb is earlier than 30:9.3.3-9.0.1.el5
  • OR bind is earlier than 30:9.3.3-9.0.1.el5
  • OR bind-libs is earlier than 30:9.3.3-9.0.1.el5
    • BACK