Internet Software Consortium Information for VU#927905

BIND version 8 generates cryptographically weak DNS query identifiers



Vendor Statement

This issue is addressed in ISC BIND 8.4.7-P1, available as patch that  
can be applied to BIND 8.4.7.
The more definitive solution is to upgrade to BIND 9. BIND 8 is being  
declared "end of life" by ISC due to multiple architectural issues.  
See ISC's website at for more information and  

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



Additional information about the problem and the End-of-life status for BIND version 8 can be found at the following location: