Home > Vulnerability Database > CVE-2008-1447

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2008-1447

Date: July 8, 2008

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

Severity Score

6.8

Related Resources (200)

Url: http://secunia.com/advisories/31143

Url: http://secunia.com/advisories/31022

Url: http://www.redhat.com/support/errata/RHSA-2008-0789.html

Url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368

Url: http://secunia.com/advisories/31823

Url: http://secunia.com/advisories/30973

Url: http://www.isc.org/index.pl?/sw/bind/bind-security.php

Url: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc

Url: http://www.vupen.com/english/advisories/2008/2482

Url: http://marc.info/?l=bugtraq&m=141879471518471&w=2

Url: http://www.vupen.com/english/advisories/2008/2123/references

Url: http://www.debian.org/security/2008/dsa-1623

Url: http://www.vupen.com/english/advisories/2008/2113/references

Url: https://www.exploit-db.com/exploits/6130

Url: http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml

Url: http://secunia.com/advisories/30979

Url: http://secunia.com/advisories/30977

Url: http://secunia.com/advisories/31012

Url: http://secunia.com/advisories/31254

Url: http://secunia.com/advisories/31495

Url: http://www.securityfocus.com/archive/1/495869/100/0/threaded

Url: http://secunia.com/advisories/31011

Url: http://secunia.com/advisories/31019

Url: http://support.citrix.com/article/CTX118183

Url: http://secunia.com/advisories/31137

Url: http://secunia.com/advisories/31014

Url: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231

Url: http://security.gentoo.org/glsa/glsa-200807-08.xml

Url: http://support.apple.com/kb/HT3129

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1

Url: http://www.debian.org/security/2008/dsa-1619

Url: http://secunia.com/advisories/33786

Url: http://secunia.com/advisories/31482

Url: http://www.vupen.com/english/advisories/2008/2114/references

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:139

Url: http://www.vupen.com/english/advisories/2008/2383

Url: http://www.caughq.org/exploits/CAU-EX-2008-0003.txt

Url: http://www.vupen.com/english/advisories/2008/2268

Url: http://www.debian.org/security/2008/dsa-1605

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917

Url: http://www.debian.org/security/2008/dsa-1604

Url: http://www.debian.org/security/2008/dsa-1603

Url: http://www.vupen.com/english/advisories/2008/2384

Url: http://www.ipcop.org/index.php?name=News&file=article&sid=40

Url: http://www.vupen.com/english/advisories/2008/2019/references

Url: http://secunia.com/advisories/31237

Url: http://secunia.com/advisories/31236

Url: http://www.vupen.com/english/advisories/2008/2029/references

Url: http://secunia.com/advisories/31354

Url: http://www.ubuntu.com/usn/usn-627-1

Url: http://support.citrix.com/article/CTX117991

Url: http://www.securitytracker.com/id?1020804

Url: http://www.us-cert.gov/cas/techalerts/TA08-260A.html

Url: http://www.securitytracker.com/id?1020802

Url: http://www.vupen.com/english/advisories/2008/2377

Url: http://www.us-cert.gov/cas/techalerts/TA08-190A.html

Url: http://www.securityfocus.com/archive/1/495289/100/0/threaded

Url: http://secunia.com/advisories/31065

Url: http://www.vupen.com/english/advisories/2008/2558

Url: http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html

Url: https://access.redhat.com/security/cve/CVE-2008-1447

Url: http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/43334

Url: http://www.vupen.com/english/advisories/2008/2549

Url: http://secunia.com/advisories/31052

Url: http://www.vupen.com/english/advisories/2008/2052/references

Url: http://up2date.astaro.com/2008/08/up2date_7202_released.html

Url: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

Url: http://www.vupen.com/english/advisories/2008/2025/references

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680

Url: http://www.ubuntu.com/usn/usn-622-1

Url: http://www.vupen.com/english/advisories/2008/2092/references

Url: http://www.securitytracker.com/id?1020702

Url: http://www.vupen.com/english/advisories/2008/2050/references

Url: http://www.openbsd.org/errata42.html#013_bind

Url: http://www.us-cert.gov/cas/techalerts/TA08-190B.html

Url: http://marc.info/?l=bugtraq&m=121630706004256&w=2

Url: http://secunia.com/advisories/30998

Url: http://secunia.com/advisories/31169

Url: http://www.vupen.com/english/advisories/2008/2023/references

Url: https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html

Url: http://www.vupen.com/english/advisories/2008/2467

Url: http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152

Url: http://www.vupen.com/english/advisories/2008/2466

Url: http://www.doxpara.com/?p=1176

Url: http://www.vupen.com/english/advisories/2008/2584

Url: http://www.vupen.com/english/advisories/2008/2342

Url: http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

Url: http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

Url: http://www.vupen.com/english/advisories/2008/2582

Url: http://secunia.com/advisories/31033

Url: http://secunia.com/advisories/31153

Url: http://secunia.com/advisories/31031

Url: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520

Url: http://secunia.com/advisories/31152

Url: http://secunia.com/advisories/31151

Url: http://secunia.com/advisories/31030

Url: http://www.vupen.com/english/advisories/2010/0622

Url: http://secunia.com/advisories/30980

Url: http://rhn.redhat.com/errata/RHSA-2008-0533.html

Url: http://support.apple.com/kb/HT3026

Url: http://secunia.com/advisories/30988

Url: http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239

Url: http://www.vupen.com/english/advisories/2008/2196/references

Url: http://secunia.com/advisories/30989

Url: http://www.vupen.com/english/advisories/2008/2334

Url: http://www.vupen.com/english/advisories/2008/2030/references

Url: http://www.ibm.com/support/docview.wss?uid=isg1IZ26669

Url: http://www.ibm.com/support/docview.wss?uid=isg1IZ26668

Url: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

Url: http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc

Url: http://marc.info/?l=bugtraq&m=123324863916385&w=2

Url: http://secunia.com/advisories/31422

Url: http://www.ibm.com/support/docview.wss?uid=isg1IZ26667

Url: http://www.vupen.com/english/advisories/2008/2166/references

Url: http://www.vupen.com/english/advisories/2008/2051/references

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117

Url: http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html

Url: http://secunia.com/advisories/31094

Url: http://secunia.com/advisories/33714

Url: http://secunia.com/advisories/31093

Url: http://www.nominum.com/asset_upload_file741_2661.pdf

Url: http://marc.info/?l=bugtraq&m=121866517322103&w=2

Url: http://www.openbsd.org/errata43.html#004_bind

Url: http://www.novell.com/support/viewContent.do?externalId=7000912

Url: http://secunia.com/advisories/31882

Url: http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html

Url: http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html

Url: http://www.phys.uu.nl/~rombouts/pdnsd.html

Url: http://www.securitytracker.com/id?1020653

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-1447

Url: http://www.securitytracker.com/id?1020651

Url: http://secunia.com/advisories/31199

Url: http://www.vupen.com/english/advisories/2009/0297

Url: http://secunia.com/advisories/31197

Url: http://www.vupen.com/english/advisories/2008/2525

Url: http://secunia.com/advisories/31072

Url: http://www.ibm.com/support/docview.wss?uid=isg1IZ26672

Url: http://www.ibm.com/support/docview.wss?uid=isg1IZ26671

Url: http://www.securityfocus.com/bid/30131

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761

Url: http://www.ibm.com/support/docview.wss?uid=isg1IZ26670

Url: http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog

Url: http://secunia.com/advisories/31221

Url: http://security.gentoo.org/glsa/glsa-201209-25.xml

Url: http://www.securitytracker.com/id?1020561

Url: http://www.securitytracker.com/id?1020440

Url: http://www.doxpara.com/DMK_BO2K8.ppt

Url: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037

Url: http://www.securitytracker.com/id?1020560

Url: http://secunia.com/advisories/31900

Url: http://secunia.com/advisories/31588

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1

Url: http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning

Url: http://www.securitytracker.com/id?1020437

Url: http://www.securitytracker.com/id?1020558

Url: http://www.securitytracker.com/id?1020438

Url: http://secunia.com/advisories/31451

Url: http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html

Url: http://www.vupen.com/english/advisories/2008/2055/references

Url: http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html

Url: http://www.vupen.com/english/advisories/2009/0311

Url: https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html

Url: http://secunia.com/advisories/31213

Url: http://www.kb.cert.org/vuls/id/800113

Url: http://secunia.com/advisories/31212

Url: http://secunia.com/advisories/30925

Url: http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

Url: http://www.securitytracker.com/id?1020548

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1447

Url: http://secunia.com/advisories/31207

Url: http://secunia.com/advisories/31326

Url: http://secunia.com/advisories/31204

Url: http://secunia.com/advisories/31687

Url: http://secunia.com/advisories/31209

Url: http://www.vmware.com/security/advisories/VMSA-2008-0014.html

Url: http://www.securitytracker.com/id?1020578

Url: http://www.securitytracker.com/id?1020579

Url: http://www.securitytracker.com/id?1020576

Url: http://www.securitytracker.com/id?1020577

Url: http://secunia.com/advisories/31430

Url: http://www.securitytracker.com/id?1020575

Url: http://secunia.com/advisories/33178

Url: http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q

Url: http://www.vupen.com/english/advisories/2008/2195/references

Url: http://www.caughq.org/exploits/CAU-EX-2008-0002.txt

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/43637

Url: http://www.vupen.com/english/advisories/2008/2139/references

Url: http://www.kb.cert.org/vuls/id/MIMG-7DWR4J

Url: http://security.gentoo.org/glsa/glsa-200812-17.xml

Url: http://www.vupen.com/english/advisories/2008/2291

Url: https://www.exploit-db.com/exploits/6122

Url: http://www.vupen.com/english/advisories/2008/2197/references

Url: https://www.exploit-db.com/exploits/6123

Url: http://www.securitytracker.com/id?1020448

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725

Url: http://www.securitytracker.com/id?1020449

Url: http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html

Url: https://www.mend.io/vulnerability-database/CVE-2008-1447

Severity Score

6.8

Weakness Type (CWE)

Insufficient Entropy

CWE-331

CVSS v3.1

Base Score:	6.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	NONE

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us