CVE-2008-1447

Published Jul 8, 2008

Last updated 5 years ago

CVSS medium 6.8

Overview

Description: The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Source: secure@microsoft.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.8
Impact score: 4
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-331

Hype score: Not currently trending

Vendor comments

Red Hathttp://rhn.redhat.com/errata/RHSA-2008-0533.html

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "E3C43D05-40F8-4769-BA6B-A376420EA972"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "69117328-A5AD-48A5-A56A-0AA8805A113E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "3ECE18F6-9DDD-4354-9012-B0660E184E83"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "4A2B4F1C-737D-40DA-B12E-6C664F9A7ECA"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "DBBCB4B2-8007-4AD5-946E-396330E7DC31"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "68758D17-44AF-4472-928C-3B94A7EAD671"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "76EDD7D7-4567-4007-86A3-95E907616C6A"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "7A933555-D875-47B9-BFA7-E030B04C1197"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "4BAA5F63-9A88-4B38-B284-B6E6170F12A8"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "9F168D81-2D2B-4B75-B907-A8AE2A3523C5"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "1778D813-845D-4B79-B9AF-5D4E0B461C75"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "A2E917A1-AFE1-4AA3-AB80-A69F152BAB51"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "C8203007-1723-431B-ADDE-C5FE76A88619"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "423102CB-1FA1-46BB-8345-412F35DB25B7"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*",
            "vulnerable": false,
            "matchCriteriaId": "98E956AB-6A8E-4C5D-89D5-52BC374B1D7C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "676A5A3B-EFE5-4B84-8F8E-CF952003F48F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "4902A7BD-0645-4CAC-8EA8-24BD2D8B893A"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D6B5646C-FF04-4D3D-B39E-27C1056962EA"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7361D8F0-FE84-41D0-9C62-F180339DD40A"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5454336D-724E-4027-A642-1EFCB79C1ADC"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E3C0D00-DF20-4B46-8A7D-99D963BD921E"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7904F3D9-A6B0-4ED6-8BAD-2D26C118C0F2"
          },
          {
            "criteria": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90E4653A-C63A-4568-BFF2-ECAB7AB5A55C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Vendor comments

Configurations

References