|
|
|
View Notes By
|
|
|
|
Other Documents
|
|
|
|
 |
Vulnerability Note VU#927905
BIND version 8 generates cryptographically weak DNS query identifiers
OverviewISC BIND version 8 generates cryptographically weak DNS query IDs which could allow a remote attacker to poison DNS caches.
I. DescriptionThe Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). Version 8 of the BIND software uses a weak algorithm to generate DNS query identifiers. This condition allows an attacker to reliably guess the next query ID, thereby allowing for DNS cache poisoning attacks.
ISC states that this bug only affects outgoing queries, generated by BIND 8 to answer questions as a resolver, or when it is looking up data for internal uses, such as when sending NOTIFY messages to slave name servers. Note that although this vulnerability is similar in nature and impact to VU#252735, it is a distinct issue.
II. ImpactA remote attacker with the ability to predict DNS query IDs and respond with arbitrary answers, could poison DNS caches.
III. SolutionUpgrade or apply a patch
Users should obtain a patch from their operating system vendor when available. Please see the Systems Affected section of this document for more information about specific vendors.
Users who compile their own versions of BIND 8 from the original ISC source code are encouraged to take the following actions described by ISC:
This issue is addressed in ISC BIND 8.4.7-P1, available as patch that
can be applied to BIND 8.4.7.
The more definitive solution is to upgrade to BIND 9. BIND 8 is being
declared "end of life" by ISC due to multiple architectural issues.
See ISC's website at http://www.isc.org for more information and
assistance.
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
| Apple Computer, Inc. | Unknown | 27-Aug-2007 |
| BlueCat Networks, Inc. | Not Vulnerable | 28-Aug-2007 |
| Check Point Software Technologies | Unknown | 27-Aug-2007 |
| Conectiva Inc. | Unknown | 27-Aug-2007 |
| Cray Inc. | Unknown | 27-Aug-2007 |
| Debian GNU/Linux | Unknown | 27-Aug-2007 |
| EMC Corporation | Unknown | 27-Aug-2007 |
| Engarde Secure Linux | Unknown | 27-Aug-2007 |
| F5 Networks, Inc. | Unknown | 27-Aug-2007 |
| Fedora Project | Unknown | 27-Aug-2007 |
| FreeBSD, Inc. | Unknown | 27-Aug-2007 |
| Fujitsu | Unknown | 27-Aug-2007 |
| Gentoo Linux | Unknown | 27-Aug-2007 |
| Gnu ADNS | Unknown | 27-Aug-2007 |
| GNU glibc | Unknown | 27-Aug-2007 |
| Hewlett-Packard Company | Unknown | 27-Aug-2007 |
| Hitachi | Unknown | 27-Aug-2007 |
| IBM Corporation | Unknown | 27-Aug-2007 |
| IBM Corporation (zseries) | Unknown | 27-Aug-2007 |
| IBM eServer | Unknown | 27-Aug-2007 |
| Immunix Communications, Inc. | Unknown | 27-Aug-2007 |
| Infoblox | Not Vulnerable | 27-Aug-2007 |
| Ingrian Networks, Inc. | Unknown | 27-Aug-2007 |
| Internet Software Consortium | Vulnerable | 27-Aug-2007 |
| Juniper Networks, Inc. | Unknown | 27-Aug-2007 |
| Lucent Technologies | Unknown | 27-Aug-2007 |
| Mandriva, Inc. | Not Vulnerable | 27-Aug-2007 |
| Men & Mice | Unknown | 27-Aug-2007 |
| Metasolv Software, Inc. | Unknown | 27-Aug-2007 |
| Microsoft Corporation | Not Vulnerable | 28-Aug-2007 |
| MontaVista Software, Inc. | Unknown | 27-Aug-2007 |
| NEC Corporation | Unknown | 27-Aug-2007 |
| NetBSD | Unknown | 27-Aug-2007 |
| Nortel Networks, Inc. | Unknown | 27-Aug-2007 |
| Novell, Inc. | Unknown | 27-Aug-2007 |
| OpenBSD | Unknown | 27-Aug-2007 |
| Openwall GNU/*/Linux | Unknown | 27-Aug-2007 |
| QNX, Software Systems, Inc. | Unknown | 27-Aug-2007 |
| Red Hat, Inc. | Unknown | 27-Aug-2007 |
| Shadowsupport | Unknown | 27-Aug-2007 |
| Silicon Graphics, Inc. | Unknown | 27-Aug-2007 |
| Slackware Linux Inc. | Unknown | 27-Aug-2007 |
| Sony Corporation | Unknown | 27-Aug-2007 |
| Sun Microsystems, Inc. | Unknown | 27-Aug-2007 |
| SUSE Linux | Unknown | 27-Aug-2007 |
| The SCO Group | Unknown | 27-Aug-2007 |
| Trustix Secure Linux | Unknown | 27-Aug-2007 |
| Turbolinux | Unknown | 27-Aug-2007 |
| Ubuntu | Unknown | 27-Aug-2007 |
| Unisys | Unknown | 27-Aug-2007 |
| Wind River Systems, Inc. | Unknown | 27-Aug-2007 |
References
http://www.isc.org/index.pl?/sw/bind/bind8-eol.php
http://www.trusteer.com/docs/bind8dns.html
http://secunia.com/advisories/26629/
Credit
Thanks to the Internet Systems Consortium (ISC) for reporting this vulnerability. ISC, in turn, credits Amit Klein from Trusteer for reporting this issue to them.
This document was written by Chad Dougherty.
Other Information
| Date Public: | 2007-08-27 |
| Date First Published: | 2007-08-28 |
| Date Last Updated: | 2007-08-28 |
| CERT Advisory: | |
| CVE-ID(s): | CVE-2007-2930 |
| NVD-ID(s): | CVE-2007-2930 |
| US-CERT Technical Alerts: | |
| Metric: | 2.14 |
| Document Revision: | 14 |
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|
|