| CVE |  | CVE-2008-1447 |
| Статус | | UNKNOWN |
| Описание | | The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." |
| Важность | | Medium |
| CVSS score | | 6,4 |
| CVSS vector | | (AV:N/AC:L/Au:N/C:N/I:P/A:P) |
| Phase | | ASSIGNED (18.07.2011) |
| NVD: | | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447 |
| References |  | AIXAPAR : IZ26667 |
| | | AIXAPAR : IZ26668 |
| | | AIXAPAR : IZ26669 |
| | | AIXAPAR : IZ26670 |
| | | AIXAPAR : IZ26671 |
| | | AIXAPAR : IZ26672 |
| | | APPLE : APPLE-SA-2008-07-31 |
| | | APPLE : APPLE-SA-2008-09-09 |
| | | APPLE : APPLE-SA-2008-09-12 |
| | | APPLE : APPLE-SA-2008-09-15 |
| | | BID : 30131 |
| | | BUGTRAQ : 20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability |
| | | BUGTRAQ : 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. |
| | | CERT-VN : VU#800113 |
| | | CERT : TA08-190A |
| | | CERT : TA08-190B |
| | | CERT : TA08-260A |
| | | CISCO : 20080708 Multiple Cisco Product Vulnerable to DNS Cache Poisoning Attacks |
| | | CISCO : 20080708 Multiple Cisco Product Vulnerable to DNS Cache Poisoning Attacks |
| | | CONFIRM : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=4... |
| | | CONFIRM : http://support.apple.com/kb/HT3026 |
| | | CONFIRM : http://support.apple.com/kb/HT3129 |
| | | CONFIRM : http://support.citrix.com/article/CTX117991 |
| | | CONFIRM : http://support.citrix.com/article/CTX118183 |
| | | CONFIRM : http://support.nortel.com/go/main.jsp?cscat=BLTNDE... |
| | | CONFIRM : http://up2date.astaro.com/2008/08/up2date_7202_rel... |
| | | CONFIRM : http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231 |
| | | CONFIRM : http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018 |
| | | CONFIRM : http://www.bluecoat.com/support/security-advisorie... |
| | | CONFIRM : http://www.ipcop.org/index.php?name=News&file=... |
| | | CONFIRM : http://www.isc.org/index.pl?/sw/bind/bind-security... |
| | | CONFIRM : http://www.kb.cert.org/vuls/id/MIMG-7DWR4J |
| | | CONFIRM : http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q |
| | | CONFIRM : http://www.novell.com/support/viewContent.do?exter... |
| | | CONFIRM : http://www.phys.uu.nl/~rombouts/pdnsd.html |
| | | CONFIRM : http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog |
| | | CONFIRM : http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU80... |
| | | CONFIRM : http://www.ruby-lang.org/en/news/2008/08/08/multip... |
| | | CONFIRM : http://www.vmware.com/security/advisories/VMSA-200... |
| | | DEBIAN : DSA-1603 |
| | | DEBIAN : DSA-1604 |
| | | DEBIAN : DSA-1605 |
| | | DEBIAN : DSA-1619 |
| | | DEBIAN : DSA-1623 |
| | | FEDORA : FEDORA-2008-6256 |
| | | FEDORA : FEDORA-2008-6281 |
| | | FREEBSD : FreeBSD-SA-08:06 |
| | | FULLDISC : 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. |
| | | GENTOO : GLSA-200807-08 |
| | | GENTOO : GLSA-200812-17 |
| | | HP : HPSBOV02357 |
| | | HP : HPSBTU02358 |
| | | HP : SSRT071449 |
| | | HP : SSRT071449 |
| | | HP : SSRT080058 |
| | | HP : SSRT080058 |
| | | HP : SSRT090014 |
| | | HP : SSRT090014 |
| | | MANDRIVA : MDVSA-2008:139 |
| | | MILW0RM : 6122 |
| | | MILW0RM : 6123 |
| | | MILW0RM : 6130 |
| | | MISC : http://blog.invisibledenizen.org/2008/07/kaminskys... |
| | | MISC : http://www.caughq.org/exploits/CAU-EX-2008-0002.txt |
| | | MISC : http://www.caughq.org/exploits/CAU-EX-2008-0003.txt |
| | | MISC : http://www.doxpara.com/?p=1176 |
| | | MISC : http://www.doxpara.com/DMK_BO2K8.ppt |
| | | MISC : http://www.nominum.com/asset_upload_file741_2661.pdf |
| | | MISC : http://www.unixwiz.net/techtips/iguide-kaminsky-dn... |
| | | MS : MS08-037 |
| | | NETBSD : NetBSD-SA2008-009 |
| | | OPENBSD : [4.2] 013: SECURITY FIX: July 23, 2008 |
| | | OPENBSD : [4.3] 004: SECURITY FIX: July 23, 2008 |
| | | OVAL : oval:org.mitre.oval:def:5725 |
| | | OVAL : oval:org.mitre.oval:def:5761 |
| | | OVAL : oval:org.mitre.oval:def:5917 |
| | | OVAL : oval:org.mitre.oval:def:9627 |
| | | REDHAT : RHSA-2008:0533 |
| | | REDHAT : RHSA-2008:0789 |
| | | SECTRACK : 1020437 |
| | | SECTRACK : 1020438 |
| | | SECTRACK : 1020440 |
| | | SECTRACK : 1020448 |
| | | SECTRACK : 1020449 |
| | | SECTRACK : 1020548 |
| | | SECTRACK : 1020558 |
| | | SECTRACK : 1020560 |
| | | SECTRACK : 1020561 |
| | | SECTRACK : 1020575 |
| | | SECTRACK : 1020576 |
| | | SECTRACK : 1020577 |
| | | SECTRACK : 1020578 |
| | | SECTRACK : 1020579 |
| | | SECTRACK : 1020651 |
| | | SECTRACK : 1020653 |
| | | SECTRACK : 1020702 |
| | | SECTRACK : 1020802 |
| | | SECTRACK : 1020804 |
| | | SECUNIA : 30925 |
| | | SECUNIA : 30973 |
| | | SECUNIA : 30977 |
| | | SECUNIA : 30979 |
| | | SECUNIA : 30980 |
| | | SECUNIA : 30988 |
| | | SECUNIA : 30989 |
| | | SECUNIA : 30998 |
| | | SECUNIA : 31011 |
| | | SECUNIA : 31012 |
| | | SECUNIA : 31014 |
| | | SECUNIA : 31019 |
| | | SECUNIA : 31022 |
| | | SECUNIA : 31030 |
| | | SECUNIA : 31031 |
| | | SECUNIA : 31033 |
| | | SECUNIA : 31052 |
| | | SECUNIA : 31065 |
| | | SECUNIA : 31072 |
| | | SECUNIA : 31093 |
| | | SECUNIA : 31094 |
| | | SECUNIA : 31137 |
| | | SECUNIA : 31143 |
| | | SECUNIA : 31151 |
| | | SECUNIA : 31152 |
| | | SECUNIA : 31153 |
| | | SECUNIA : 31169 |
| | | SECUNIA : 31197 |
| | | SECUNIA : 31199 |
| | | SECUNIA : 31204 |
| | | SECUNIA : 31207 |
| | | SECUNIA : 31209 |
| | | SECUNIA : 31212 |
| | | SECUNIA : 31213 |
| | | SECUNIA : 31221 |
| | | SECUNIA : 31236 |
| | | SECUNIA : 31237 |
| | | SECUNIA : 31254 |
| | | SECUNIA : 31326 |
| | | SECUNIA : 31354 |
| | | SECUNIA : 31422 |
| | | SECUNIA : 31430 |
| | | SECUNIA : 31451 |
| | | SECUNIA : 31482 |
| | | SECUNIA : 31495 |
| | | SECUNIA : 31588 |
| | | SECUNIA : 31687 |
| | | SECUNIA : 31823 |
| | | SECUNIA : 31882 |
| | | SECUNIA : 31900 |
| | | SECUNIA : 33178 |
| | | SECUNIA : 33714 |
| | | SECUNIA : 33786 |
| | | SLACKWARE : SSA:2008-191 |
| | | SLACKWARE : SSA:2008-205-01 |
| | | SUNALERT : 239392 |
| | | SUNALERT : 240048 |
| | | SUSE : SUSE-SA:2008:033 |
| | | SUSE : SUSE-SR:2008:017 |
| | | UBUNTU : USN-622-1 |
| | | VUPEN : ADV-2008-2019 |
| | | VUPEN : ADV-2008-2023 |
| | | VUPEN : ADV-2008-2025 |
| | | VUPEN : ADV-2008-2029 |
| | | VUPEN : ADV-2008-2030 |
| | | VUPEN : ADV-2008-2050 |
| | | VUPEN : ADV-2008-2051 |
| | | VUPEN : ADV-2008-2052 |
| | | VUPEN : ADV-2008-2055 |
| | | VUPEN : ADV-2008-2092 |
| | | VUPEN : ADV-2008-2113 |
| | | VUPEN : ADV-2008-2114 |
| | | VUPEN : ADV-2008-2123 |
| | | VUPEN : ADV-2008-2139 |
| | | VUPEN : ADV-2008-2166 |
| | | VUPEN : ADV-2008-2195 |
| | | VUPEN : ADV-2008-2196 |
| | | VUPEN : ADV-2008-2197 |
| | | VUPEN : ADV-2008-2268 |
| | | VUPEN : ADV-2008-2291 |
| | | VUPEN : ADV-2008-2334 |
| | | VUPEN : ADV-2008-2342 |
| | | VUPEN : ADV-2008-2377 |
| | | VUPEN : ADV-2008-2383 |
| | | VUPEN : ADV-2008-2384 |
| | | VUPEN : ADV-2008-2466 |
| | | VUPEN : ADV-2008-2467 |
| | | VUPEN : ADV-2008-2482 |
| | | VUPEN : ADV-2008-2525 |
| | | VUPEN : ADV-2008-2549 |
| | | VUPEN : ADV-2008-2558 |
| | | VUPEN : ADV-2008-2582 |
| | | VUPEN : ADV-2008-2584 |
| | | VUPEN : ADV-2009-0297 |
| | | VUPEN : ADV-2009-0311 |
| | | VUPEN : ADV-2010-0622 |
| | | XF : cisco-multiple-dns-cache-poisoning(43637) |
| | | XF : win-dns-client-server-spoofing(43334) |
| SecurityVulns: |  | Подмена DNS-ответов в DNS-сервере и DNS-клиенте Microsoft Windows |
| | | Подмена DNS-записей во многих клиентах и серверах DNS |
| | | Многочисленные уязвимости безопасности в продуктах VMWare |
| | | Многочисленные уязвимости безопасности в dnsmasq |
