Mission and Overview
NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g. FISMA).
Resource Status
NVD contains:

Last updated: 9/21/2014 4:02:09 AM

CVE Publication rate: 29.77

Email List

NVD provides four mailing lists to the public. For information and subscription instructions please visit NVD Mailing Lists

Workload Index
Vulnerability Workload Index: 9.45
About Us
NVD is a product of the NIST Computer Security Division and is sponsored by the Department of Homeland Security's National Cyber Security Division. It supports the U.S. government multi-agency (OSD, DHS, NSA, DISA, and NIST) Information Security Automation Program. It is the U.S. government content repository for the Security Content Automation Protocol (SCAP).

National Cyber Awareness System

Vulnerability Summary for CVE-2008-1447

Original release date: 07/08/2008
Last revised: 05/14/2013
Source: US-CERT/NIST

Overview

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:P/A:P) (legend)
Impact Subscore: 4.9
Exploitability Subscore: 10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Allows unauthorized modification; Allows disruption of service

Vendor Statements (disclaimer)

Official Statement from Red Hat (07/09/2008)
http://rhn.redhat.com/errata/RHSA-2008-0533.html

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: VUPEN
Name: ADV-2008-2268
External Source: OVAL
Name: oval:org.mitre.oval:def:5761
External Source: VUPEN
Name: ADV-2008-2195
External Source: SECUNIA
Name: 33178
External Source: CONFIRM
Name: http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
External Source: SECTRACK
Name: 1020804
External Source: CONFIRM
Name: http://up2date.astaro.com/2008/08/up2date_7202_released.html
External Source: VUPEN
Name: ADV-2008-2050
External Source: CISCO
Name: 20080708 Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks
External Source: APPLE
Name: APPLE-SA-2008-09-12
External Source: CONFIRM
Name: http://support.citrix.com/article/CTX117991
External Source: SECUNIA
Name: 31237
Type: Advisory
External Source: SECTRACK
Name: 1020651
External Source: CONFIRM
Name: http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152
External Source: SECUNIA
Name: 31209
External Source: FREEBSD
Name: FreeBSD-SA-08:06
External Source: VUPEN
Name: ADV-2008-2466
External Source: SLACKWARE
Name: SSA:2008-205-01
External Source: SECTRACK
Name: 1020440
External Source: CONFIRM
Name: http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html
External Source: UBUNTU
Name: USN-627-1
External Source: SECTRACK
Name: 1020560
External Source: OVAL
Name: oval:org.mitre.oval:def:9627
External Source: SECUNIA
Name: 31430
External Source: SECUNIA
Name: 30980
External Source: REDHAT
Name: RHSA-2008:0789
External Source: SECUNIA
Name: 31254
Type: Advisory
External Source: VUPEN
Name: ADV-2008-2525
External Source: CONFIRM
Name: http://support.apple.com/kb/HT3026
External Source: SECUNIA
Name: 30989
Type: Advisory
External Source: SECUNIA
Name: 30973
External Source: GENTOO
Name: GLSA-201209-25
External Source: AIXAPAR
Name: IZ26668
External Source: HP
Name: HPSBTU02358
External Source: SECUNIA
Name: 30925
External Source: HP
Name: SSRT071449
External Source: VUPEN
Name: ADV-2009-0297
External Source: SECUNIA
Name: 31482
External Source: CONFIRM
Name: http://www.novell.com/support/viewContent.do?externalId=7000912
External Source: VUPEN
Name: ADV-2008-2166
External Source: SECTRACK
Name: 1020449
External Source: SECUNIA
Name: 31012
External Source: CONFIRM
Name: http://www.isc.org/index.pl?/sw/bind/bind-security.php
External Source: SECUNIA
Name: 31011
External Source: SUSE
Name: SUSE-SR:2008:017
External Source: SECTRACK
Name: 1020558
External Source: SECUNIA
Name: 31199
External Source: VUPEN
Name: ADV-2008-2291
External Source: MISC
Name: http://www.doxpara.com/?p=1176
External Source: SECTRACK
Name: 1020578
External Source: MISC
Name: http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
External Source: APPLE
Name: APPLE-SA-2008-09-09
External Source: AIXAPAR
Name: IZ26667
External Source: SECUNIA
Name: 31588
External Source: SECUNIA
Name: 31065
External Source: MISC
Name: http://www.doxpara.com/DMK_BO2K8.ppt
External Source: VUPEN
Name: ADV-2008-2052
External Source: SECUNIA
Name: 30979
External Source: SECTRACK
Name: 1020575
External Source: FEDORA
Name: FEDORA-2008-6281
External Source: VUPEN
Name: ADV-2008-2029
External Source: REDHAT
Name: RHSA-2008:0533
External Source: SECTRACK
Name: 1020448
US-CERT Vulnerability Note: CERT
Name: TA08-190B
External Source: SUNALERT
Name: 239392
External Source: SECUNIA
Name: 31207
Type: Advisory
External Source: OVAL
Name: oval:org.mitre.oval:def:5725
External Source: SECUNIA
Name: 31143
External Source: CONFIRM
Name: http://www.ipcop.org/index.php?name=News&file=article&sid=40
External Source: OPENBSD
Name: [4.2] 013: SECURITY FIX: July 23, 2008
External Source: FULLDISC
Name: 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
External Source: SECUNIA
Name: 31204
External Source: DEBIAN
Name: DSA-1604
External Source: SECUNIA
Name: 31221
External Source: CONFIRM
Name: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231
External Source: SECUNIA
Name: 33786
External Source: SECUNIA
Name: 31197
Type: Advisory
External Source: VUPEN
Name: ADV-2008-2051
External Source: GENTOO
Name: GLSA-200812-17
External Source: SECUNIA
Name: 31014
External Source: VUPEN
Name: ADV-2008-2114
External Source: VUPEN
Name: ADV-2008-2377
External Source: CONFIRM
Name: http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q
External Source: SECUNIA
Name: 33714
External Source: CONFIRM
Name: http://www.phys.uu.nl/~rombouts/pdnsd.html
External Source: SECUNIA
Name: 31823
External Source: VUPEN
Name: ADV-2008-2113
External Source: HP
Name: HPSBNS02405
External Source: VUPEN
Name: ADV-2008-2384
External Source: VUPEN
Name: ADV-2009-0311
External Source: VUPEN
Name: ADV-2008-2023
External Source: DEBIAN
Name: DSA-1605
External Source: SECUNIA
Name: 31033
Type: Advisory
External Source: HP
Name: SSRT080058
External Source: BUGTRAQ
Name: 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
External Source: SECUNIA
Name: 31072
External Source: VUPEN
Name: ADV-2008-2139
External Source: VUPEN
Name: ADV-2008-2549
External Source: VUPEN
Name: ADV-2008-2123
External Source: CONFIRM
Name: http://www.vmware.com/security/advisories/VMSA-2008-0014.html
External Source: SUSE
Name: SUSE-SA:2008:033
External Source: BUGTRAQ
Name: 20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability
External Source: MS
Name: MS08-037
Type: Advisory; Patch Information
External Source: SECUNIA
Name: 31451
External Source: SECUNIA
Name: 31030
External Source: VUPEN
Name: ADV-2008-2197
External Source: MISC
Name: http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html
External Source: SECTRACK
Name: 1020576
External Source: SECUNIA
Name: 31326
External Source: AIXAPAR
Name: IZ26671
External Source: VUPEN
Name: ADV-2008-2558
External Source: SECTRACK
Name: 1020577
External Source: XF
Name: win-dns-client-server-spoofing(43334)
External Source: VUPEN
Name: ADV-2008-2334
External Source: SECUNIA
Name: 31213
External Source: OVAL
Name: oval:org.mitre.oval:def:12117
External Source: HP
Name: SSRT090014
External Source: SECUNIA
Name: 31236
External Source: SECUNIA
Name: 31495
External Source: OPENBSD
Name: [4.3] 004: SECURITY FIX: July 23, 2008
External Source: VUPEN
Name: ADV-2008-2055
External Source: HP
Name: HPSBUX02351
External Source: FEDORA
Name: FEDORA-2008-6256
External Source: VUPEN
Name: ADV-2008-2025
External Source: SECUNIA
Name: 31354
External Source: SECTRACK
Name: 1020579
External Source: APPLE
Name: APPLE-SA-2008-07-31
External Source: DEBIAN
Name: DSA-1603
Type: Patch Information
External Source: MISC
Name: http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
External Source: CONFIRM
Name: http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning
External Source: SECUNIA
Name: 31094
Type: Advisory
External Source: AIXAPAR
Name: IZ26669
US-CERT Vulnerability Note: CERT
Name: TA08-190A
External Source: SECUNIA
Name: 31169
External Source: SECTRACK
Name: 1020437
External Source: VUPEN
Name: ADV-2008-2582
External Source: HP
Name: HPSBMP02404
External Source: SECUNIA
Name: 30977
External Source: AIXAPAR
Name: IZ26670
External Source: SECTRACK
Name: 1020802
External Source: DEBIAN
Name: DSA-1623
External Source: CONFIRM
Name: http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
External Source: SECTRACK
Name: 1020438
External Source: SECUNIA
Name: 31212
External Source: VUPEN
Name: ADV-2008-2019
External Source: SECUNIA
Name: 31422
External Source: SECUNIA
Name: 31031
External Source: SECUNIA
Name: 31152
External Source: SECUNIA
Name: 31093
External Source: SECTRACK
Name: 1020548
External Source: MANDRIVA
Name: MDVSA-2008:139
External Source: SECUNIA
Name: 31153
External Source: CISCO
Name: 20080708 Multiple Cisco Product Vulnerable to DNS Cache Poisoning Attacks
External Source: SECTRACK
Name: 1020653
US-CERT Vulnerability Note: CERT-VN
Name: VU#800113
External Source: CONFIRM
Name: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
External Source: AIXAPAR
Name: IZ26672
External Source: CONFIRM
Name: http://www.kb.cert.org/vuls/id/MIMG-7DWR4J
External Source: VUPEN
Name: ADV-2008-2342
External Source: SECTRACK
Name: 1020702
External Source: APPLE
Name: APPLE-SA-2008-09-15
External Source: SECUNIA
Name: 31022
External Source: SECUNIA
Name: 30988
Type: Advisory
External Source: VUPEN
Name: ADV-2008-2482
External Source: UBUNTU
Name: USN-622-1
External Source: SECUNIA
Name: 31687
US-CERT Vulnerability Note: CERT
Name: TA08-260A
External Source: VUPEN
Name: ADV-2008-2092
External Source: VUPEN
Name: ADV-2008-2383
External Source: SECUNIA
Name: 31137
Type: Advisory
External Source: HP
Name: HPSBOV02357
External Source: NETBSD
Name: NetBSD-SA2008-009
External Source: XF
Name: cisco-multiple-dns-cache-poisoning(43637)
External Source: CONFIRM
Name: http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
External Source: SECUNIA
Name: 31900
External Source: CONFIRM
Name: http://support.apple.com/kb/HT3129
External Source: MISC
Name: http://www.nominum.com/asset_upload_file741_2661.pdf
External Source: SECTRACK
Name: 1020561
External Source: VUPEN
Name: ADV-2008-2467
External Source: VUPEN
Name: ADV-2008-2196
External Source: OVAL
Name: oval:org.mitre.oval:def:5917
External Source: SECUNIA
Name: 31052
Type: Advisory
External Source: SECUNIA
Name: 30998
External Source: BID
Name: 30131
External Source: SUNALERT
Name: 240048
External Source: SLACKWARE
Name: SSA:2008-191
External Source: MILW0RM
Name: 6122
External Source: GENTOO
Name: GLSA-200807-08
External Source: VUPEN
Name: ADV-2010-0622
External Source: MILW0RM
Name: 6123
External Source: VUPEN
Name: ADV-2008-2584
External Source: SECUNIA
Name: 31882
External Source: CONFIRM
Name: http://support.citrix.com/article/CTX118183
External Source: MISC
Name: http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
External Source: VUPEN
Name: ADV-2008-2030
External Source: SECUNIA
Name: 31151
External Source: MILW0RM
Name: 6130
External Source: DEBIAN
Name: DSA-1619
External Source: SECUNIA
Name: 31019

References to Check Content

Identifier: oval:org.mitre.oval:def:12117
Check System: http://oval.mitre.org/XMLSchema/oval-definitions-5
Identifier: oval:org.mitre.oval:def:5725
Check System: http://oval.mitre.org/XMLSchema/oval-definitions-5
Identifier: oval:org.mitre.oval:def:5761
Check System: http://oval.mitre.org/XMLSchema/oval-definitions-5
Identifier: oval:org.mitre.oval:def:5917
Check System: http://oval.mitre.org/XMLSchema/oval-definitions-5
Identifier: oval:org.mitre.oval:def:9627
Check System: http://oval.mitre.org/XMLSchema/oval-definitions-5

Technical Details

Vulnerability Type (View All)