Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-1447Insufficient Entropy in Bind

CWE-331Insufficient EntropyCWE-310CWE-39925 documents11 sources
Severity
6.8MEDIUMNVD
EPSS
86.7%
top 0.58%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
4
GNU AdnsISC Bind9Thekelleys Dnsmasq+1 more
Timeline
PublishedJul 8
Latest updateMay 3

Description

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kamin

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:NExploitability: 2.2 | Impact: 4.0

Affected Packages4 packages

Debianisc/bind9< 1:9.5.0.dfsg-5+3
NVDisc/bind4, 8, 9.2.9+2
Debiangnu/adns< 1.4-2+3
Debianthekelleys/dnsmasq< 2.43-1+3

Patches

Patch: www.debian.orgPatch: docs.microsoft.comPatch: www.debian.org

🔴Vulnerability Details

4
GHSA
GHSA-r5r9-27m2-2jg7: The DNS protocol, as implemented in (1) BIND 8 and 9 before 92022-05-03
OSV
CVE-2008-4099: PyDNS (aka python-dns) before 22008-09-18
OSV
CVE-2008-1447: The DNS protocol, as implemented in (1) BIND 8 and 9 before 92008-07-08
CVEList
CVE-2008-1447: The DNS protocol, as implemented in (1) BIND 8 and 9 before 92008-07-08

💥Exploits & PoCs

3
Exploit-DB
BIND 9.x - Remote DNS Cache Poisoning2008-07-25
Exploit-DB
BIND 9.x - Remote DNS Cache Poisoning2008-07-24
Exploit-DB
BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning (Metasploit)2008-07-23

📋Vendor Advisories

12
Cisco
Cisco IOS IPS Denial of Service Vulnerability2008-09-24
Red Hat
adns: DNS spoofing flaw2008-09-11
Red Hat
python-PyDNS: insecure DNS transaction ids2008-09-11
Red Hat
python-pydns uses insecure DNS source ports2008-09-11
Red Hat
ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module2008-08-08

💬Community

5
Bugzilla
CVE-2008-4100 adns: DNS spoofing flaw2008-09-18
Bugzilla
CVE-2008-4099 python-PyDNS: insecure DNS transaction ids2008-09-18
Bugzilla
CVE-2008-4126 python-pydns uses insecure DNS source ports2008-09-18
Bugzilla
CVE-2008-3905 ruby: use of predictable source port and transaction id in DNS requests done by resolv.rb module2008-09-08
Bugzilla
CVE-2008-1447 bind: implement source UDP port randomization (CERT VU#800113)2008-06-02
CVE-2008-1447 — Insufficient Entropy in ISC Bind | cvebase