CVE-2002-2211: BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that…

medium5CVSS 3.1

AVNACLAuNCNIPAN

BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.

Affected

24 ranges

Vendor	Product	Version range	Fixed in
debian	bind9	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—
isc	bind	—	—