CVE-2008-1447

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2008-1447

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2008-1447.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2008-1447

Related

Published

2008-07-08T23:41:00Z

Modified

2024-10-25T15:00:06Z

Severity

6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

References

Affected packages

Debian:11 / adns

Package

Name: adns
Purl: pkg:deb/debian/adns?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / adns

Package

Name: adns
Purl: pkg:deb/debian/adns?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / adns

Package

Name: adns
Purl: pkg:deb/debian/adns?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / bind9

Package

Name: bind9
Purl: pkg:deb/debian/bind9?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.5.0.dfsg-5

Ecosystem specific

{
    "urgency": "high"
}

Debian:12 / bind9

Package

Name: bind9
Purl: pkg:deb/debian/bind9?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.5.0.dfsg-5

Ecosystem specific

{
    "urgency": "high"
}

Debian:13 / bind9

Package

Name: bind9
Purl: pkg:deb/debian/bind9?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:9.5.0.dfsg-5

Ecosystem specific

{
    "urgency": "high"
}

Debian:11 / dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/debian/dnsmasq?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.43-1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:12 / dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/debian/dnsmasq?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.43-1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:13 / dnsmasq

Package

Name: dnsmasq
Purl: pkg:deb/debian/dnsmasq?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.43-1

Ecosystem specific

{
    "urgency": "medium"
}

Debian:11 / dnspython

Package

Name: dnspython
Purl: pkg:deb/debian/dnspython?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.7.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / dnspython

Package

Name: dnspython
Purl: pkg:deb/debian/dnspython?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.7.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / dnspython

Package

Name: dnspython
Purl: pkg:deb/debian/dnspython?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.7.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / libnet-dns-perl

Package

Name: libnet-dns-perl
Purl: pkg:deb/debian/libnet-dns-perl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.63-2

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / libnet-dns-perl

Package

Name: libnet-dns-perl
Purl: pkg:deb/debian/libnet-dns-perl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.63-2

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / libnet-dns-perl

Package

Name: libnet-dns-perl
Purl: pkg:deb/debian/libnet-dns-perl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.63-2

Ecosystem specific

{
    "urgency": "low"
}

Debian:11 / refpolicy

Package

Name: refpolicy
Purl: pkg:deb/debian/refpolicy?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:0.0.20080702-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / refpolicy

Package

Name: refpolicy
Purl: pkg:deb/debian/refpolicy?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:0.0.20080702-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / refpolicy

Package

Name: refpolicy
Purl: pkg:deb/debian/refpolicy?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:0.0.20080702-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / udns

Package

Name: udns
Purl: pkg:deb/debian/udns?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / udns

Package

Name: udns
Purl: pkg:deb/debian/udns?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / udns

Package

Name: udns
Purl: pkg:deb/debian/udns?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}