Oval Definition:	oval:org.mitre.oval:def:2154
Revision Date: 2007-11-19 Version: 17 Title: Security Vulnerability in BIND 8 May Allow Cache Poisoning Attack Description: The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches via unknown vectors. NOTE: this issue is different from CVE-2007-2926. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2007-2930 Platform(s): Sun Solaris 8 Sun Solaris 9 Product(s): Definition Synopsis Software Section Solaris 8 (SPARC) meets Sun Alert 103063 Solaris 8 (SPARC) is installed AND NOT Patch 109326-20 or later installed OR Solaris 8 (x86) meets Sun Alert 103063 Solaris 8 (x86) is installed AND NOT Patch 109327-20 or later installed OR Solaris 9 (SPARC) meets Sun Alert 103063 Solaris 9 (SPARC) is installed AND NOT Patch 112837-14 or later installed OR Solaris 9 (x86) meets Sun Alert 103063 Solaris 9 (x86) is installed AND NOT Patch 114265-13 or later installed AND in.named running
BACK