(Sun Issues Fix) BIND 8 Transaction ID Generation Algorithm Lets Remote Users Conduct DNS Cache Poisoning Attacks
|
|
SecurityTracker Alert ID: 1018726
|
|
SecurityTracker URL: http://securitytracker.com/id?1018726
|
|
CVE Reference: CVE-2007-2930
(Links to External Site)
|
Updated: Oct 16 2007
|
Original Entry Date: Sep 21 2007
|
Impact: Modification of user information
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: Sun Alert
|
Version(s): 8
|
Description: A vulnerability was reported in BIND 8. A remote user can conduct DNS cache poisoning attacks.
A remote user can poison the cache of any BIND 8 server conducting caching due to a weakness in the transaction ID generation algorithm.
A remote user can observe a few consecutive transaction ID values from the target DNS server to predict the next value.
The
exploit method is different from that of the BIND 9 DNS cache poisoning attacks.
The vendor was notified on July 26, 2007.
The
original advisory is available at:
http://www.trusteer.com/docs/bind8dns.html
Amit Klein of Trusteer reported this vulnerability.
|
Impact: A remote user can poison the cache of the target DNS caching server.
|
Solution: Sun has issued the following fixes.
SPARC Platform
* Solaris 8 with patch 109326-20 or later
* Solaris 9 with patch
112837-14 or later
x86 Platform
* Solaris 8 with patch 109327-20 or later
* Solaris 9 with patch 114265-13 or later
The
Sun advisory is available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103063-1
|
Vendor URL: www.isc.org (Links to External Site)
|
Cause: Randomization error
|
Underlying OS: UNIX (Solaris - SunOS)
|
Underlying OS Comments: 8, 9
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Thu, 20 Sep 2007 23:05:10 -0400
Subject: Security Vulnerability in BIND 8 May Allow Cache Poisoning Attack
|
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103063-1
CVE-2007-2930
|
|
