Oval Definition: oval:org.mitre.oval:def:9627
Revision Date: 2013-04-29
Version: 13
Title: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Description: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family: unix
Class: vulnerability
Status: ACCEPTED
Reference(s): CVE-2008-1447
Platform(s): CentOS Linux 3
CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • OS Section: RHEL3, CentOS3
    • RHEL3 or CentOS3
      • The operating system installed on the system is Red Hat Enterprise Linux 3
      • OR CentOS Linux 3.x
    • AND Configuration section
      • bind-utils is earlier than 20:9.2.4-22.el3
      • OR bind-devel is earlier than 20:9.2.4-22.el3
      • OR bind-chroot is earlier than 20:9.2.4-22.el3
      • OR bind is earlier than 20:9.2.4-22.el3
      • OR bind-libs is earlier than 20:9.2.4-22.el3
  • OR OS Section: RHEL4, CentOS4, Oracle Linux 4
    • RHEL4, CentOS4 or Oracle Linux 4
      • The operating system installed on the system is Red Hat Enterprise Linux 4
      • OR CentOS Linux 4.x
      • OR Oracle Linux 4.x
    • AND Configuration section
      • bind-utils is earlier than 20:9.2.4-28.0.1.el4
      • OR bind-devel is earlier than 20:9.2.4-28.0.1.el4
      • OR bind-chroot is earlier than 20:9.2.4-28.0.1.el4
      • OR selinux-policy-targeted is earlier than 0:1.17.30-2.150.el4
      • OR selinux-policy-targeted-sources is earlier than 0:1.17.30-2.150.el4
      • OR bind is earlier than 20:9.2.4-28.0.1.el4
      • OR bind-libs is earlier than 20:9.2.4-28.0.1.el4
  • OR OS Section: RHEL5, CentOS5, Oracle Linux 5
    • RHEL5, CentOS5 or Oracle Linux 5
      • The operating system installed on the system is Red Hat Enterprise Linux 5
      • OR The operating system installed on the system is CentOS Linux 5.x
      • OR Oracle Linux 5.x
    • AND Configuration section
      • bind-libbind-devel is earlier than 30:9.3.4-6.0.2.P1.el5_2
      • OR bind-devel is earlier than 30:9.3.4-6.0.2.P1.el5_2
      • OR bind-chroot is earlier than 30:9.3.4-6.0.2.P1.el5_2
      • OR selinux-policy-targeted is earlier than 0:2.4.6-137.1.el5_2
      • OR dnsmasq is earlier than 0:2.45-1.el5_2.1
      • OR bind-sdb is earlier than 30:9.3.4-6.0.2.P1.el5_2
      • OR bind is earlier than 30:9.3.4-6.0.2.P1.el5_2
      • OR bind-utils is earlier than 30:9.3.4-6.0.2.P1.el5_2
      • OR selinux-policy-devel is earlier than 0:2.4.6-137.1.el5_2
      • OR caching-nameserver is earlier than 30:9.3.4-6.0.2.P1.el5_2
      • OR selinux-policy is earlier than 0:2.4.6-137.1.el5_2
      • OR bind-libs is earlier than 30:9.3.4-6.0.2.P1.el5_2
      • OR selinux-policy-strict is earlier than 0:2.4.6-137.1.el5_2
      • OR selinux-policy-mls is earlier than 0:2.4.6-137.1.el5_2