Internet Software Consortium Information for VU#927905

BIND version 8 generates cryptographically weak DNS query identifiers

Status

Affected

Vendor Statement

This issue is addressed in ISC BIND 8.4.7-P1, available as patch that  
can be applied to BIND 8.4.7.
The more definitive solution is to upgrade to BIND 9. BIND 8 is being  
declared "end of life" by ISC due to multiple architectural issues.  
See ISC's website at http://www.isc.org for more information and  
assistance.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Additional information about the problem and the End-of-life status for BIND version 8 can be found at the following location: