gsd-2008-1447
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Aliases
Aliases
{ "GSD": { "alias": "CVE-2008-1447", "description": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\"", "id": "GSD-2008-1447", "references": [ "https://www.suse.com/security/cve/CVE-2008-1447.html", "https://www.debian.org/security/2008/dsa-1623", "https://www.debian.org/security/2008/dsa-1619", "https://www.debian.org/security/2008/dsa-1617", "https://www.debian.org/security/2008/dsa-1605", "https://www.debian.org/security/2008/dsa-1604", "https://www.debian.org/security/2008/dsa-1603", "https://access.redhat.com/errata/RHSA-2008:0789", "https://access.redhat.com/errata/RHSA-2008:0533", "https://linux.oracle.com/cve/CVE-2008-1447.html", "https://packetstormsecurity.com/files/cve/CVE-2008-1447" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2008-1447" ], "details": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\"", "id": "GSD-2008-1447", "modified": "2023-12-13T01:23:02.966860Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2008-1447", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1020438", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020438" }, { "name": "FEDORA-2008-6256", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html" }, { "name": "SUSE-SR:2008:017", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "name": "VU#800113", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/800113" }, { "name": "31137", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31137" }, { "name": "31430", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31430" }, { "name": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J" }, { "name": "31169", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31169" }, { "name": "http://www.phys.uu.nl/~rombouts/pdnsd.html", "refsource": "CONFIRM", "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html" }, { "name": "1020702", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020702" }, { "name": "GLSA-201209-25", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "name": "ADV-2008-2052", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2052/references" }, { "name": "1020561", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020561" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "HPSBOV03226", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2" }, { "name": "1020578", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020578" }, { "name": "FreeBSD-SA-08:06", "refsource": "FREEBSD", "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc" }, { "name": "oval:org.mitre.oval:def:9627", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627" }, { "name": "1020802", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020802" }, { "name": "HPSBMP02404", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2" }, { "name": "30131", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30131" }, { "name": "[4.2] 013: SECURITY FIX: July 23, 2008", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata42.html#013_bind" }, { "name": "31236", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31236" }, { "name": "APPLE-SA-2008-09-15", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" }, { "name": "1020651", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020651" }, { "name": "1020437", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020437" }, { "name": "31209", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31209" }, { "name": "31012", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31012" }, { "name": "31151", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31151" }, { "name": "ADV-2008-2050", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2050/references" }, { "name": "http://support.citrix.com/article/CTX117991", "refsource": "CONFIRM", "url": "http://support.citrix.com/article/CTX117991" }, { "name": "SSRT101004", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2" }, { "name": "31237", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31237" }, { "name": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog", "refsource": "CONFIRM", "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog" }, { "name": "APPLE-SA-2008-07-31", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html" }, { "name": "win-dns-client-server-spoofing(43334)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334" }, { "name": "31495", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31495" }, { "name": "6130", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6130" }, { "name": "20080708 Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml" }, { "name": "1020579", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020579" }, { "name": "http://www.nominum.com/asset_upload_file741_2661.pdf", "refsource": "MISC", "url": "http://www.nominum.com/asset_upload_file741_2661.pdf" }, { "name": "1020653", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020653" }, { "name": "30998", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30998" }, { "name": "DSA-1603", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1603" }, { "name": "ADV-2008-2525", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "SUSE-SA:2008:033", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html" }, { "name": "31094", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31094" }, { "name": "IZ26668", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668" }, { "name": "31687", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31687" }, { "name": "ADV-2008-2025", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2025/references" }, { "name": "239392", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1" }, { "name": "TA08-260A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" }, { "name": "31588", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31588" }, { "name": "31019", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31019" }, { "name": "ADV-2008-2029", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2029/references" }, { "name": "SSRT080058", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2" }, { "name": "6123", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6123" }, { "name": "IZ26671", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671" }, { "name": "FEDORA-2008-6281", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html" }, { "name": "ADV-2008-2268", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2268" }, { "name": "ADV-2009-0297", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0297" }, { "name": "HPSBUX02351", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2" }, { "name": "31207", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31207" }, { "name": "31031", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31031" }, { "name": "ADV-2008-2584", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2584" }, { "name": "31451", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31451" }, { "name": "ADV-2008-2051", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2051/references" }, { "name": "30977", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30977" }, { "name": "RHSA-2008:0789", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html" }, { "name": "ADV-2008-2377", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2377" }, { "name": "HPSBNS02405", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368" }, { "name": "1020558", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020558" }, { "name": "31221", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31221" }, { "name": "RHSA-2008:0533", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html" }, { "name": "[4.3] 004: SECURITY FIX: July 23, 2008", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata43.html#004_bind" }, { "name": "1020804", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020804" }, { "name": "31143", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31143" }, { "name": "20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded" }, { "name": "ADV-2008-2195", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2195/references" }, { "name": "ADV-2008-2196", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2196/references" }, { "name": "33714", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33714" }, { "name": "HPSBTU02358", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=121866517322103\u0026w=2" }, { "name": "33786", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33786" }, { "name": "1020448", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020448" }, { "name": "31882", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31882" }, { "name": "ADV-2008-2384", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2384" }, { "name": "IZ26669", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669" }, { "name": "http://up2date.astaro.com/2008/08/up2date_7202_released.html", "refsource": "CONFIRM", "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html" }, { "name": "ADV-2008-2123", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2123/references" }, { "name": "http://support.apple.com/kb/HT3026", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3026" }, { "name": "31014", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31014" }, { "name": "30979", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30979" }, { "name": "1020575", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020575" }, { "name": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "refsource": "CONFIRM", "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "name": "ADV-2008-2482", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2482" }, { "name": "IZ26672", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672" }, { "name": "http://support.apple.com/kb/HT3129", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3129" }, { "name": "DSA-1619", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1619" }, { "name": "ADV-2008-2166", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2166/references" }, { "name": "31072", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31072" }, { "name": "ADV-2008-2139", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2139/references" }, { "name": "oval:org.mitre.oval:def:5761", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761" }, { "name": "ADV-2008-2092", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2092/references" }, { "name": "31482", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31482" }, { "name": "IZ26670", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670" }, { "name": "MDVSA-2008:139", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139" }, { "name": "oval:org.mitre.oval:def:5917", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917" }, { "name": "30989", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30989" }, { "name": "ADV-2008-2055", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2055/references" }, { "name": "SSRT071449", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368" }, { "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=762152", "refsource": "CONFIRM", "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=762152" }, { "name": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=40", "refsource": "CONFIRM", "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=40" }, { "name": "31065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31065" }, { "name": "31254", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31254" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "http://www.doxpara.com/?p=1176", "refsource": "MISC", "url": "http://www.doxpara.com/?p=1176" }, { "name": "NetBSD-SA2008-009", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc" }, { "name": "USN-627-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-627-1" }, { "name": "ADV-2010-0622", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0622" }, { "name": "1020576", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020576" }, { "name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "refsource": "CONFIRM", "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php" }, { "name": "HPSBOV02357", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520" }, { "name": "31153", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31153" }, { "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231" }, { "name": "ADV-2008-2549", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2549" }, { "name": "IZ26667", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667" }, { "name": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html", "refsource": "CONFIRM", "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html" }, { "name": "31213", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31213" }, { "name": "31030", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31030" }, { "name": "USN-622-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-622-1" }, { "name": "31033", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31033" }, { "name": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html", "refsource": "MISC", "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html" }, { "name": "1020440", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020440" }, { "name": "APPLE-SA-2008-09-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "http://www.doxpara.com/DMK_BO2K8.ppt", "refsource": "MISC", "url": "http://www.doxpara.com/DMK_BO2K8.ppt" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "DSA-1604", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1604" }, { "name": "31823", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31823" }, { "name": "31326", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31326" }, { "name": "ADV-2008-2558", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "6122", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6122" }, { "name": "oval:org.mitre.oval:def:5725", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725" }, { "name": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt", "refsource": "MISC", "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt" }, { "name": "cisco-multiple-dns-cache-poisoning(43637)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637" }, { "name": "ADV-2008-2383", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2383" }, { "name": "1020560", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020560" }, { "name": "31900", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31900" }, { "name": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q" }, { "name": "http://support.citrix.com/article/CTX118183", "refsource": "CONFIRM", "url": "http://support.citrix.com/article/CTX118183" }, { "name": "30925", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30925" }, { "name": "ADV-2009-0311", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0311" }, { "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018" }, { "name": "DSA-1623", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1623" }, { "name": "ADV-2008-2582", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2582" }, { "name": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt", "refsource": "MISC", "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt" }, { "name": "DSA-1605", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1605" }, { "name": "http://www.novell.com/support/viewContent.do?externalId=7000912", "refsource": "CONFIRM", "url": "http://www.novell.com/support/viewContent.do?externalId=7000912" }, { "name": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning", "refsource": "CONFIRM", "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning" }, { "name": "ADV-2008-2342", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2342" }, { "name": "ADV-2008-2114", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2114/references" }, { "name": "30973", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30973" }, { "name": "31204", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31204" }, { "name": "31354", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31354" }, { "name": "GLSA-200812-17", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "name": "oval:org.mitre.oval:def:12117", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117" }, { "name": "33178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33178" }, { "name": "30988", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30988" }, { "name": "APPLE-SA-2008-09-09", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "31011", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31011" }, { "name": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html", "refsource": "MISC", "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html" }, { "name": "ADV-2008-2334", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "name": "1020577", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020577" }, { "name": "31422", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31422" }, { "name": "31197", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31197" }, { "name": "1020548", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020548" }, { "name": "ADV-2008-2467", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2467" }, { "name": "240048", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1" }, { "name": "TA08-190B", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html" }, { "name": "TA08-190A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html" }, { "name": "GLSA-200807-08", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml" }, { "name": "31022", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31022" }, { "name": "SSA:2008-191", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.539239" }, { "name": "1020449", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020449" }, { "name": "31093", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31093" }, { "name": "31052", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31052" }, { "name": "30980", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30980" }, { "name": "SSA:2008-205-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.452680" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "name": "31199", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31199" }, { "name": "ADV-2008-2030", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2030/references" }, { "name": "ADV-2008-2291", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2291" }, { "name": "ADV-2008-2023", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2023/references" }, { "name": "SSRT090014", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2" }, { "name": "ADV-2008-2466", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "name": "MS08-037", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037" }, { "name": "31212", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31212" }, { "name": "ADV-2008-2113", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2113/references" }, { "name": "31152", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31152" }, { "name": "ADV-2008-2019", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2019/references" }, { "name": "ADV-2008-2197", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2197/references" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2008-1447" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-331" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-1603", "refsource": "DEBIAN", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2008/dsa-1603" }, { "name": "DSA-1604", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2008/dsa-1604" }, { "name": "DSA-1605", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2008/dsa-1605" }, { "name": "USN-622-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/usn-622-1" }, { "name": "TA08-190B", "refsource": "CERT", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html" }, { "name": "VU#800113", "refsource": "CERT-VN", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/800113" }, { "name": "1020438", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020438" }, { "name": "1020440", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020440" }, { "name": "1020437", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020437" }, { "name": "31207", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/31207" }, { "name": "239392", "refsource": "SUNALERT", "tags": [ "Third Party Advisory" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1" }, { "name": "RHSA-2008:0533", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html" }, { "name": "31237", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/31237" }, { "name": "IZ26668", "refsource": "AIXAPAR", "tags": [ "Third Party Advisory" ], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668" }, { "name": "IZ26669", "refsource": "AIXAPAR", "tags": [ "Third Party Advisory" ], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669" }, { "name": "NetBSD-SA2008-009", "refsource": "NETBSD", "tags": [ "Third Party Advisory", "Vendor Advisory" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc" }, { "name": "http://www.doxpara.com/DMK_BO2K8.ppt", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "http://www.doxpara.com/DMK_BO2K8.ppt" }, { "name": "30989", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30989" }, { "name": "FEDORA-2008-6281", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html" }, { "name": "31094", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/31094" }, { "name": "APPLE-SA-2008-07-31", "refsource": "APPLE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html" }, { "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231" }, { "name": "http://www.nominum.com/asset_upload_file741_2661.pdf", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "http://www.nominum.com/asset_upload_file741_2661.pdf" }, { "name": "31197", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/31197" }, { "name": "31137", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/31137" }, { "name": "31254", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/31254" }, { "name": "1020561", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020561" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "SSRT080058", "refsource": "HP", "tags": [ "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2" }, { "name": "DSA-1619", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2008/dsa-1619" }, { "name": "30988", "refsource": "SECUNIA", "tags": [ "Third Party Advisory", "Vendor Advisory" ], "url": "http://secunia.com/advisories/30988" }, { "name": "31033", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/31033" }, { "name": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "FULLDISC", "tags": [ "Broken Link" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning" }, { "name": "1020578", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020578" }, { "name": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html", "refsource": "MISC", "tags": [ "Technical Description" ], "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html" }, { "name": "http://www.doxpara.com/?p=1176", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "http://www.doxpara.com/?p=1176" }, { "name": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "name": "31052", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/31052" }, { "name": "http://support.citrix.com/article/CTX117991", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://support.citrix.com/article/CTX117991" }, { "name": "31169", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31169" }, { "name": "http://up2date.astaro.com/2008/08/up2date_7202_released.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html" }, { "name": "MDVSA-2008:139", "refsource": "MANDRIVA", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139" }, { "name": "[4.3] 004: SECURITY FIX: July 23, 2008", "refsource": "OPENBSD", "tags": [ "Third Party Advisory" ], "url": "http://www.openbsd.org/errata43.html#004_bind" }, { "name": "IZ26667", "refsource": "AIXAPAR", "tags": [ "Third Party Advisory" ], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667" }, { "name": "31152", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31152" }, { "name": "1020560", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020560" }, { "name": "31221", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31221" }, { "name": "30925", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/30925" }, { "name": "31093", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31093" }, { "name": "30973", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/30973" }, { "name": "31354", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31354" }, { "name": "1020577", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020577" }, { "name": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=40", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.ipcop.org/index.php?name=News\u0026file=article\u0026sid=40" }, { "name": "31151", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31151" }, { "name": "31019", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31019" }, { "name": "APPLE-SA-2008-09-09", "refsource": "APPLE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php" }, { "name": "31143", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31143" }, { "name": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J", "refsource": "CONFIRM", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J" }, { "name": "30980", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/30980" }, { "name": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt" }, { "name": "30977", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/30977" }, { "name": "SUSE-SA:2008:033", "refsource": "SUSE", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html" }, { "name": "1020575", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020575" }, { "name": "1020802", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020802" }, { "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=762152", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=762152" }, { "name": "31451", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31451" }, { "name": "FEDORA-2008-6256", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html" }, { "name": "31031", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31031" }, { "name": "SSA:2008-205-01", "refsource": "SLACKWARE", "tags": [ "Third Party Advisory" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.452680" }, { "name": "30131", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/30131" }, { "name": "IZ26672", "refsource": "AIXAPAR", "tags": [ "Third Party Advisory" ], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672" }, { "name": "31212", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31212" }, { "name": "31236", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31236" }, { "name": "IZ26671", "refsource": "AIXAPAR", "tags": [ "Third Party Advisory" ], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671" }, { "name": "31209", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31209" }, { "name": "SUSE-SR:2008:017", "refsource": "SUSE", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "name": "240048", "refsource": "SUNALERT", "tags": [ "Third Party Advisory" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1" }, { "name": "GLSA-200807-08", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml" }, { "name": "31011", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31011" }, { "name": "1020576", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020576" }, { "name": "31326", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31326" }, { "name": "[4.2] 013: SECURITY FIX: July 23, 2008", "refsource": "OPENBSD", "tags": [ "Third Party Advisory" ], "url": "http://www.openbsd.org/errata42.html#013_bind" }, { "name": "TA08-190A", "refsource": "CERT", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html" }, { "name": "1020558", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020558" }, { "name": "31014", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31014" }, { "name": "DSA-1623", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2008/dsa-1623" }, { "name": "31199", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31199" }, { "name": "1020579", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020579" }, { "name": "31204", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31204" }, { "name": "31072", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31072" }, { "name": "30979", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/30979" }, { "name": "30998", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/30998" }, { "name": "31213", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31213" }, { "name": "31153", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31153" }, { "name": "FreeBSD-SA-08:06", "refsource": "FREEBSD", "tags": [ "Third Party Advisory" ], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc" }, { "name": "IZ26670", "refsource": "AIXAPAR", "tags": [ "Third Party Advisory" ], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670" }, { "name": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html" }, { "name": "31687", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31687" }, { "name": "APPLE-SA-2008-09-15", "refsource": "APPLE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" }, { "name": "APPLE-SA-2008-09-12", "refsource": "APPLE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "http://support.apple.com/kb/HT3129", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT3129" }, { "name": "31588", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31588" }, { "name": "31900", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31900" }, { "name": "31882", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31882" }, { "name": "31823", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31823" }, { "name": "http://www.phys.uu.nl/~rombouts/pdnsd.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html" }, { "name": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog" }, { "name": "1020653", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020653" }, { "name": "1020651", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020651" }, { "name": "31422", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31422" }, { "name": "RHSA-2008:0789", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html" }, { "name": "1020548", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020548" }, { "name": "http://support.citrix.com/article/CTX118183", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://support.citrix.com/article/CTX118183" }, { "name": "31030", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31030" }, { "name": "1020448", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020448" }, { "name": "31012", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31012" }, { "name": "1020702", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020702" }, { "name": "http://support.apple.com/kb/HT3026", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT3026" }, { "name": "31022", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31022" }, { "name": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt" }, { "name": "1020804", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020804" }, { "name": "SSA:2008-191", "refsource": "SLACKWARE", "tags": [ "Third Party Advisory" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.539239" }, { "name": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q", "refsource": "CONFIRM", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q" }, { "name": "31065", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31065" }, { "name": "TA08-260A", "refsource": "CERT", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" }, { "name": "http://www.novell.com/support/viewContent.do?externalId=7000912", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.novell.com/support/viewContent.do?externalId=7000912" }, { "name": "1020449", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1020449" }, { "name": "GLSA-200812-17", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "name": "33178", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/33178" }, { "name": "31482", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31482" }, { "name": "HPSBTU02358", "refsource": "HP", "tags": [ "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=121866517322103\u0026w=2" }, { "name": "31430", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31430" }, { "name": "31495", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/31495" }, { "name": "HPSBOV02357", "refsource": "HP", "tags": [ "Broken Link" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520" }, { "name": "HPSBMP02404", "refsource": "HP", "tags": [ "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2" }, { "name": "33714", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/33714" }, { "name": "33786", "refsource": "SECUNIA", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/33786" }, { "name": "HPSBNS02405", "refsource": "HP", "tags": [ "Broken Link" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368" }, { "name": "ADV-2010-0622", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/0622" }, { "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018" }, { "name": "ADV-2008-2195", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2195/references" }, { "name": "ADV-2008-2019", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2019/references" }, { "name": "ADV-2008-2558", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "ADV-2008-2092", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2092/references" }, { "name": "ADV-2008-2123", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2123/references" }, { "name": "ADV-2008-2113", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2113/references" }, { "name": "ADV-2008-2025", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2025/references" }, { "name": "ADV-2008-2139", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2139/references" }, { "name": "ADV-2008-2029", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2029/references" }, { "name": "ADV-2008-2549", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2549" }, { "name": "ADV-2008-2334", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "name": "ADV-2008-2467", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2467" }, { "name": "ADV-2008-2030", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2030/references" }, { "name": "ADV-2008-2384", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2384" }, { "name": "ADV-2008-2482", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2482" }, { "name": "ADV-2008-2377", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2377" }, { "name": "ADV-2008-2342", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2342" }, { "name": "ADV-2009-0297", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/0297" }, { "name": "ADV-2008-2166", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2166/references" }, { "name": "ADV-2008-2466", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "name": "ADV-2008-2055", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2055/references" }, { "name": "ADV-2009-0311", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/0311" }, { "name": "ADV-2008-2383", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2383" }, { "name": "ADV-2008-2196", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2196/references" }, { "name": "ADV-2008-2197", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2197/references" }, { "name": "ADV-2008-2050", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2050/references" }, { "name": "ADV-2008-2023", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2023/references" }, { "name": "ADV-2008-2114", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2114/references" }, { "name": "ADV-2008-2051", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2051/references" }, { "name": "ADV-2008-2291", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2291" }, { "name": "ADV-2008-2525", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "ADV-2008-2584", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2584" }, { "name": "ADV-2008-2268", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2268" }, { "name": "ADV-2008-2582", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2582" }, { "name": "ADV-2008-2052", "refsource": "VUPEN", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/2052/references" }, { "name": "USN-627-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/usn-627-1" }, { "name": "GLSA-201209-25", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "name": "HPSBOV03226", "refsource": "HP", "tags": [ "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2" }, { "name": "20080708 Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks", "refsource": "CISCO", "tags": [ "Third Party Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml" }, { "name": "cisco-multiple-dns-cache-poisoning(43637)", "refsource": "XF", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637" }, { "name": "win-dns-client-server-spoofing(43334)", "refsource": "XF", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334" }, { "name": "6130", "refsource": "EXPLOIT-DB", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/6130" }, { "name": "6123", "refsource": "EXPLOIT-DB", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/6123" }, { "name": "6122", "refsource": "EXPLOIT-DB", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/6122" }, { "name": "oval:org.mitre.oval:def:9627", "refsource": "OVAL", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627" }, { "name": "oval:org.mitre.oval:def:5917", "refsource": "OVAL", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917" }, { "name": "oval:org.mitre.oval:def:5761", "refsource": "OVAL", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761" }, { "name": "oval:org.mitre.oval:def:5725", "refsource": "OVAL", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725" }, { "name": "oval:org.mitre.oval:def:12117", "refsource": "OVAL", "tags": [ "Tool Signature" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability", "refsource": "BUGTRAQ", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded" }, { "name": "MS08-037", "refsource": "MS", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 4.0 } }, "lastModifiedDate": "2020-03-24T18:19Z", "publishedDate": "2008-07-08T23:41Z" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.