Description
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
High
Availability
None
Affected products
- ISC / BIND4 โ 4
- ISC / BIND8 โ 8
- ISC / BIND9.2.9 โ 9.2.9
References
- MISChttp://www.securitytracker.com/id?1020438
- MISChttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
- MISChttp://www.kb.cert.org/vuls/id/800113
- VENDOR_ADVISORYhttp://secunia.com/advisories/31137
- VENDOR_ADVISORYhttp://secunia.com/advisories/31430
- MISChttp://www.kb.cert.org/vuls/id/MIMG-7DWR4J
- VENDOR_ADVISORYhttp://secunia.com/advisories/31169
- MISChttp://www.phys.uu.nl/~rombouts/pdnsd.html
- MISChttp://www.securitytracker.com/id?1020702
- MISChttp://security.gentoo.org/glsa/glsa-201209-25.xml
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2052/references
- MISChttp://www.securitytracker.com/id?1020561
- VENDOR_ADVISORYhttp://www.vmware.com/security/advisories/VMSA-2008-0014.html
- MAILING_LISThttp://marc.info/?l=bugtraq&m=141879471518471&w=2
- MISChttp://www.securitytracker.com/id?1020578
- VENDOR_ADVISORYhttp://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627
- MISChttp://www.securitytracker.com/id?1020802
- MAILING_LISThttp://marc.info/?l=bugtraq&m=123324863916385&w=2
- MISChttp://www.securityfocus.com/bid/30131
- MISChttp://www.openbsd.org/errata42.html#013_bind
- VENDOR_ADVISORYhttp://secunia.com/advisories/31236
- MAILING_LISThttp://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
- MISChttp://www.securitytracker.com/id?1020651
- MISChttp://www.securitytracker.com/id?1020437
- VENDOR_ADVISORYhttp://secunia.com/advisories/31209
- VENDOR_ADVISORYhttp://secunia.com/advisories/31012
- VENDOR_ADVISORYhttp://secunia.com/advisories/31151
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2050/references
- MISChttp://support.citrix.com/article/CTX117991
- MAILING_LISThttp://marc.info/?l=bugtraq&m=141879471518471&w=2
- VENDOR_ADVISORYhttp://secunia.com/advisories/31237
- MISChttp://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
- MAILING_LISThttp://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/43334
- VENDOR_ADVISORYhttp://secunia.com/advisories/31495
- EXPLOIThttps://www.exploit-db.com/exploits/6130
- VENDOR_ADVISORYhttp://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml
- MISChttp://www.securitytracker.com/id?1020579
- MISChttp://www.nominum.com/asset_upload_file741_2661.pdf
- MISChttp://www.securitytracker.com/id?1020653
- VENDOR_ADVISORYhttp://secunia.com/advisories/30998
- VENDOR_ADVISORYhttp://www.debian.org/security/2008/dsa-1603
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2525
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/31094
- MISChttp://www.ibm.com/support/docview.wss?uid=isg1IZ26668
- VENDOR_ADVISORYhttp://secunia.com/advisories/31687
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2025/references
- MISChttp://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1
- MISChttp://www.us-cert.gov/cas/techalerts/TA08-260A.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/31588
- VENDOR_ADVISORYhttp://secunia.com/advisories/31019
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2029/references
- MAILING_LISThttp://marc.info/?l=bugtraq&m=121630706004256&w=2
- EXPLOIThttps://www.exploit-db.com/exploits/6123
- MISChttp://www.ibm.com/support/docview.wss?uid=isg1IZ26671
- MISChttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2268
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/0297
- MAILING_LISThttp://marc.info/?l=bugtraq&m=121630706004256&w=2
- VENDOR_ADVISORYhttp://secunia.com/advisories/31207
- VENDOR_ADVISORYhttp://secunia.com/advisories/31031
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2584
- VENDOR_ADVISORYhttp://secunia.com/advisories/31451
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2051/references
- VENDOR_ADVISORYhttp://secunia.com/advisories/30977
- MISChttp://www.redhat.com/support/errata/RHSA-2008-0789.html
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2377
- MISChttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368
- MISChttp://www.securitytracker.com/id?1020558
- VENDOR_ADVISORYhttp://secunia.com/advisories/31221
- MISChttp://rhn.redhat.com/errata/RHSA-2008-0533.html
- MISChttp://www.openbsd.org/errata43.html#004_bind
- MISChttp://www.securitytracker.com/id?1020804
- VENDOR_ADVISORYhttp://secunia.com/advisories/31143
- MISChttp://www.securityfocus.com/archive/1/495289/100/0/threaded
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2195/references
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2196/references
- VENDOR_ADVISORYhttp://secunia.com/advisories/33714
- MAILING_LISThttp://marc.info/?l=bugtraq&m=121866517322103&w=2
- VENDOR_ADVISORYhttp://secunia.com/advisories/33786
- MISChttp://www.securitytracker.com/id?1020448
- VENDOR_ADVISORYhttp://secunia.com/advisories/31882
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2384
- MISChttp://www.ibm.com/support/docview.wss?uid=isg1IZ26669
- MISChttp://up2date.astaro.com/2008/08/up2date_7202_released.html
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2123/references
- VENDOR_ADVISORYhttp://support.apple.com/kb/HT3026
- VENDOR_ADVISORYhttp://secunia.com/advisories/31014
- VENDOR_ADVISORYhttp://secunia.com/advisories/30979
- MISChttp://www.securitytracker.com/id?1020575
- MISChttp://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2482
- MISChttp://www.ibm.com/support/docview.wss?uid=isg1IZ26672
- VENDOR_ADVISORYhttp://support.apple.com/kb/HT3129
- VENDOR_ADVISORYhttp://www.debian.org/security/2008/dsa-1619
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2166/references
- VENDOR_ADVISORYhttp://secunia.com/advisories/31072
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2139/references
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2092/references
- VENDOR_ADVISORYhttp://secunia.com/advisories/31482
- MISChttp://www.ibm.com/support/docview.wss?uid=isg1IZ26670
- VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:139
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917
- VENDOR_ADVISORYhttp://secunia.com/advisories/30989
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2055/references
- MISChttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368
- MISChttp://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152
- MISChttp://www.ipcop.org/index.php?name=News&file=article&sid=40
- VENDOR_ADVISORYhttp://secunia.com/advisories/31065
- VENDOR_ADVISORYhttp://secunia.com/advisories/31254
- MISChttp://www.securityfocus.com/archive/1/495869/100/0/threaded
- MISChttp://www.doxpara.com/?p=1176
- VENDOR_ADVISORYftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc
- VENDOR_ADVISORYhttp://www.ubuntu.com/usn/usn-627-1
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/0622
- MISChttp://www.securitytracker.com/id?1020576
- MISChttp://www.isc.org/index.pl?/sw/bind/bind-security.php
- MISChttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520
- VENDOR_ADVISORYhttp://secunia.com/advisories/31153
- VENDOR_ADVISORYhttp://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2549
- MISChttp://www.ibm.com/support/docview.wss?uid=isg1IZ26667
- MISChttp://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/31213
- VENDOR_ADVISORYhttp://secunia.com/advisories/31030
- VENDOR_ADVISORYhttp://www.ubuntu.com/usn/usn-622-1
- VENDOR_ADVISORYhttp://secunia.com/advisories/31033
- MISChttp://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
- MISChttp://www.securitytracker.com/id?1020440
- MAILING_LISThttp://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
- MISChttp://www.doxpara.com/DMK_BO2K8.ppt
- MAILING_LISThttp://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
- VENDOR_ADVISORYhttp://www.debian.org/security/2008/dsa-1604
- VENDOR_ADVISORYhttp://secunia.com/advisories/31823
- VENDOR_ADVISORYhttp://secunia.com/advisories/31326
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2558
- EXPLOIThttps://www.exploit-db.com/exploits/6122
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725
- MISChttp://www.caughq.org/exploits/CAU-EX-2008-0003.txt
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/43637
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2383
- MISChttp://www.securitytracker.com/id?1020560
- VENDOR_ADVISORYhttp://secunia.com/advisories/31900
- MISChttp://www.kb.cert.org/vuls/id/MIMG-7ECL8Q
- MISChttp://support.citrix.com/article/CTX118183
- VENDOR_ADVISORYhttp://secunia.com/advisories/30925
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/0311
- VENDOR_ADVISORYhttp://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
- VENDOR_ADVISORYhttp://www.debian.org/security/2008/dsa-1623
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2582
- MISChttp://www.caughq.org/exploits/CAU-EX-2008-0002.txt
- VENDOR_ADVISORYhttp://www.debian.org/security/2008/dsa-1605
- MISChttp://www.novell.com/support/viewContent.do?externalId=7000912
- VENDOR_ADVISORYhttp://www.bluecoat.com/support/security-advisories/dns_cache_poisoning
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2342
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2114/references
- VENDOR_ADVISORYhttp://secunia.com/advisories/30973
- VENDOR_ADVISORYhttp://secunia.com/advisories/31204
- VENDOR_ADVISORYhttp://secunia.com/advisories/31354
- MISChttp://security.gentoo.org/glsa/glsa-200812-17.xml
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117
- VENDOR_ADVISORYhttp://secunia.com/advisories/33178
- VENDOR_ADVISORYhttp://secunia.com/advisories/30988
- MAILING_LISThttp://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/31011
- MISChttp://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2334
- MISChttp://www.securitytracker.com/id?1020577
- VENDOR_ADVISORYhttp://secunia.com/advisories/31422
- VENDOR_ADVISORYhttp://secunia.com/advisories/31197
- MISChttp://www.securitytracker.com/id?1020548
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2467
- MISChttp://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1
- MISChttp://www.us-cert.gov/cas/techalerts/TA08-190B.html
- MISChttp://www.us-cert.gov/cas/techalerts/TA08-190A.html
- MISChttp://security.gentoo.org/glsa/glsa-200807-08.xml
- VENDOR_ADVISORYhttp://secunia.com/advisories/31022
- MISChttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239
- MISChttp://www.securitytracker.com/id?1020449
- VENDOR_ADVISORYhttp://secunia.com/advisories/31093
- VENDOR_ADVISORYhttp://secunia.com/advisories/31052
- VENDOR_ADVISORYhttp://secunia.com/advisories/30980
- MISChttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680
- VENDOR_ADVISORYhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
- VENDOR_ADVISORYhttp://secunia.com/advisories/31199
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2030/references
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2291
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2023/references
- MAILING_LISThttp://marc.info/?l=bugtraq&m=123324863916385&w=2
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2466
- MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037
- VENDOR_ADVISORYhttp://secunia.com/advisories/31212
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2113/references
- VENDOR_ADVISORYhttp://secunia.com/advisories/31152
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2019/references
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2197/references