CVE-2007-2926

Description

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.

4.3

CVSS

Severity: Medium

CVSS 2.0 •

EPSS 15.04% Top 10%

Vendor Advisory marc.info Vendor Advisory ibm.com Vendor Advisory redhat.com Vendor Advisory hp.com Vendor Advisory hp.com Vendor Advisory sun.com Vendor Advisory mandriva.com Vendor Advisory freebsd.org Vendor Advisory gentoo.org Vendor Advisory trustix.org Vendor Advisory slackware.org Vendor Advisory apple.com Vendor Advisory ibm.com Vendor Advisory ubuntu.com Vendor Advisory hp.com Vendor Advisory sgi.com Vendor Advisory debian.org Vendor Advisory novell.com Vendor Advisory openpkg.com Vendor Advisory secunia.com

Affected: n/a n/a

References

Link	Tags
http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm
http://www.trusteer.com/docs/bind9dns_s.html
http://secunia.com/advisories/26231	third party advisory
http://www.vupen.com/english/advisories/2007/2932	vdb entry
http://marc.info/?l=bugtraq&m=141879471518471&w=2	vendor advisory
http://secunia.com/advisories/26847	third party advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only	vendor advisory
http://www.vupen.com/english/advisories/2007/2914	vdb entry
http://www.redhat.com/support/errata/RHSA-2007-0740.html	vendor advisory
http://secunia.com/advisories/26217	third party advisory
http://secunia.com/advisories/26509	third party advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368	vendor advisory
http://www.securityfocus.com/bid/26444	vdb entry
http://www.securiteam.com/securitynews/5VP0L0UM0A.html
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426	vendor advisory
http://secunia.com/advisories/26605	third party advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1	vendor advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:149	vendor advisory
http://secunia.com/advisories/26607	third party advisory
http://www.securityfocus.com/archive/1/474856/100/0/threaded	mailing list
http://secunia.com/advisories/26148	third party advisory
http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc	vendor advisory
http://www.kb.cert.org/vuls/id/252735	third party advisory us government resource
http://www.trusteer.com/docs/bind9dns.html
http://secunia.com/advisories/26180	third party advisory
http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml	vendor advisory
http://secunia.com/advisories/26152	third party advisory vendor advisory
http://www.trustix.org/errata/2007/0023/	vendor advisory
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385	vendor advisory
http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html	vendor advisory
http://docs.info.apple.com/article.html?artnum=307041
http://www.securityfocus.com/archive/1/474516/100/0/threaded	mailing list
http://www.isc.org/index.pl?/sw/bind/bind-security.php
http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only	vendor advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/35575	vdb entry
http://www.vupen.com/english/advisories/2007/2782	vdb entry
http://secunia.com/advisories/26227	third party advisory
http://secunia.com/advisories/26261	third party advisory
http://www.vupen.com/english/advisories/2007/3868	vdb entry
http://www.securityfocus.com/bid/25037	vdb entry
http://secunia.com/advisories/26515	third party advisory
http://www.ubuntu.com/usn/usn-491-1	vendor advisory
http://secunia.com/advisories/26330	third party advisory
https://issues.rpath.com/browse/RPL-1587
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600	vendor advisory
http://www.securitytracker.com/id?1018442	vdb entry
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc	vendor advisory
http://www.debian.org/security/2007/dsa-1341	vendor advisory
http://secunia.com/advisories/26308	third party advisory
http://www.novell.com/linux/security/advisories/2007_47_bind.html	vendor advisory
http://www.vupen.com/english/advisories/2007/2627	vdb entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226	signature vdb entry
http://secunia.com/advisories/27643	third party advisory
http://secunia.com/advisories/26236	third party advisory
http://www.vupen.com/english/advisories/2007/2662	vdb entry
http://secunia.com/advisories/26195	third party advisory
ftp://aix.software.ibm.com/aix/efixes/security/README
http://www.vupen.com/english/advisories/2007/3242	vdb entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293	signature vdb entry
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html	vendor advisory
http://www.us-cert.gov/cas/techalerts/TA07-319A.html	third party advisory us government resource
http://secunia.com/advisories/26925	third party advisory
http://secunia.com/advisories/26160	third party advisory
http://www.securityfocus.com/archive/1/474545/100/0/threaded	mailing list
http://www.securityfocus.com/archive/1/474808/100/0/threaded	mailing list
http://secunia.com/advisories/26531	third party advisory

Frequently Asked Questions

What is the severity of CVE-2007-2926?: CVE-2007-2926 has been scored as a medium severity vulnerability.
How to fix CVE-2007-2926?: To fix CVE-2007-2926, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2007-2926 being actively exploited in the wild?: It is possible that CVE-2007-2926 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~15% probability that this vulnerability will be exploited by malicious actors in the next 30 days.