MNBSD-2007-2: BIND predictable DNS query IDs enabling cache poisoning, fixed in 9.3.4p1

Severity: Unknown

Affected Package: bind

Summary: BIND predictable DNS query IDs enabling cache poisoning, fixed in 9.3.4p1

Description

BIND was patched (equivalent to 9.3.4p1) to fix a weakness in the generation of DNS query IDs that made them predictable, enabling DNS cache poisoning/spoofing. The fix was applied to the 0.2 and 0.1 branches. This corresponds to FreeBSD-SA-07:07.bind (CVE-2007-2926); the related BIND ACL default issue CVE-2007-2925 was also addressed in 9.3.4p1.

Affected Versions

bind

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2007-2926, CVE-2007-2925

Published: August 01, 2007
Last Modified: August 01, 2007