(Sun Issues Fix) BIND 8 Transaction ID Generation Algorithm Lets Remote Users Conduct DNS Cache Poisoning Attacks
|
|
SecurityTracker Alert ID: 1018726 |
|
SecurityTracker URL: http://securitytracker.com/id/1018726
|
|
CVE Reference:
CVE-2007-2930
(Links to External Site)
|
Updated: Oct 16 2007
|
Original Entry Date: Sep 21 2007
|
Impact:
Modification of user information
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 8
|
Description:
A vulnerability was reported in BIND 8. A remote user can conduct DNS cache poisoning attacks.
A remote user can poison the cache of any BIND 8 server conducting caching due to a weakness in the transaction ID generation algorithm. A remote user can observe a few consecutive transaction ID values from the target DNS server to predict the next value.
The exploit method is different from that of the BIND 9 DNS cache poisoning attacks.
The vendor was notified on July 26, 2007.
The original advisory is available at:
http://www.trusteer.com/docs/bind8dns.html
Amit Klein of Trusteer reported this vulnerability.
|
Impact:
A remote user can poison the cache of the target DNS caching server.
|
Solution:
Sun has issued the following fixes.
SPARC Platform
* Solaris 8 with patch 109326-20 or later
* Solaris 9 with patch 112837-14 or later
x86 Platform
* Solaris 8 with patch 109327-20 or later
* Solaris 9 with patch 114265-13 or later
The Sun advisory is available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103063-1
|
Vendor URL: www.isc.org (Links to External Site)
|
Cause:
Randomization error
|
Underlying OS:
UNIX (Solaris - SunOS)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Thu, 20 Sep 2007 23:05:10 -0400
Subject: Security Vulnerability in BIND 8 May Allow Cache Poisoning Attack
|
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103063-1
CVE-2007-2930
|
|
