CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
95.4%
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka “DNS Insufficient Socket Entropy Vulnerability” or “the Kaminsky bug.”
Vendor | Product | Version | CPE |
---|---|---|---|
canonical | ubuntu_linux | 6.06 | cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* |
canonical | ubuntu_linux | 7.04 | cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:* |
canonical | ubuntu_linux | 7.10 | cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* |
canonical | ubuntu_linux | 8.04 | cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:* |
cisco | ios | 12.0 | cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:* |
debian | debian_linux | 4.0 | cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* |
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* |
microsoft | windows_server_2003 | - | cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:* |
microsoft | windows_server_2003 | - | cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:* |
microsoft | windows_server_2003 | - | cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:* |
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc
blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html
bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368
lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html
lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
marc.info/?l=bugtraq&m=121630706004256&w=2
marc.info/?l=bugtraq&m=121866517322103&w=2
marc.info/?l=bugtraq&m=123324863916385&w=2
marc.info/?l=bugtraq&m=141879471518471&w=2
rhn.redhat.com/errata/RHSA-2008-0533.html
secunia.com/advisories/30925
secunia.com/advisories/30973
secunia.com/advisories/30977
secunia.com/advisories/30979
secunia.com/advisories/30980
secunia.com/advisories/30988
secunia.com/advisories/30989
secunia.com/advisories/30998
secunia.com/advisories/31011
secunia.com/advisories/31012
secunia.com/advisories/31014
secunia.com/advisories/31019
secunia.com/advisories/31022
secunia.com/advisories/31030
secunia.com/advisories/31031
secunia.com/advisories/31033
secunia.com/advisories/31052
secunia.com/advisories/31065
secunia.com/advisories/31072
secunia.com/advisories/31093
secunia.com/advisories/31094
secunia.com/advisories/31137
secunia.com/advisories/31143
secunia.com/advisories/31151
secunia.com/advisories/31152
secunia.com/advisories/31153
secunia.com/advisories/31169
secunia.com/advisories/31197
secunia.com/advisories/31199
secunia.com/advisories/31204
secunia.com/advisories/31207
secunia.com/advisories/31209
secunia.com/advisories/31212
secunia.com/advisories/31213
secunia.com/advisories/31221
secunia.com/advisories/31236
secunia.com/advisories/31237
secunia.com/advisories/31254
secunia.com/advisories/31326
secunia.com/advisories/31354
secunia.com/advisories/31422
secunia.com/advisories/31430
secunia.com/advisories/31451
secunia.com/advisories/31482
secunia.com/advisories/31495
secunia.com/advisories/31588
secunia.com/advisories/31687
secunia.com/advisories/31823
secunia.com/advisories/31882
secunia.com/advisories/31900
secunia.com/advisories/33178
secunia.com/advisories/33714
secunia.com/advisories/33786
security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
security.gentoo.org/glsa/glsa-200807-08.xml
security.gentoo.org/glsa/glsa-200812-17.xml
security.gentoo.org/glsa/glsa-201209-25.xml
slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680
slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239
sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1
sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1
support.apple.com/kb/HT3026
support.apple.com/kb/HT3129
support.citrix.com/article/CTX117991
support.citrix.com/article/CTX118183
support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152
up2date.astaro.com/2008/08/up2date_7202_released.html
wiki.rpath.com/wiki/Advisories:rPSA-2008-0231
wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
www.bluecoat.com/support/security-advisories/dns_cache_poisoning
www.caughq.org/exploits/CAU-EX-2008-0002.txt
www.caughq.org/exploits/CAU-EX-2008-0003.txt
www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml
www.debian.org/security/2008/dsa-1603
www.debian.org/security/2008/dsa-1604
www.debian.org/security/2008/dsa-1605
www.debian.org/security/2008/dsa-1619
www.debian.org/security/2008/dsa-1623
www.doxpara.com/?p=1176
www.doxpara.com/DMK_BO2K8.ppt
www.ibm.com/support/docview.wss?uid=isg1IZ26667
www.ibm.com/support/docview.wss?uid=isg1IZ26668
www.ibm.com/support/docview.wss?uid=isg1IZ26669
www.ibm.com/support/docview.wss?uid=isg1IZ26670
www.ibm.com/support/docview.wss?uid=isg1IZ26671
www.ibm.com/support/docview.wss?uid=isg1IZ26672
www.ipcop.org/index.php?name=News&file=article&sid=40
www.isc.org/index.pl?/sw/bind/bind-security.php
www.kb.cert.org/vuls/id/800113
www.kb.cert.org/vuls/id/MIMG-7DWR4J
www.kb.cert.org/vuls/id/MIMG-7ECL8Q
www.mandriva.com/security/advisories?name=MDVSA-2008:139
www.nominum.com/asset_upload_file741_2661.pdf
www.novell.com/support/viewContent.do?externalId=7000912
www.openbsd.org/errata42.html#013_bind
www.openbsd.org/errata43.html#004_bind
www.phys.uu.nl/~rombouts/pdnsd.html
www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
www.redhat.com/support/errata/RHSA-2008-0789.html
www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html
www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
www.securityfocus.com/archive/1/495289/100/0/threaded
www.securityfocus.com/archive/1/495869/100/0/threaded
www.securityfocus.com/bid/30131
www.securitytracker.com/id?1020437
www.securitytracker.com/id?1020438
www.securitytracker.com/id?1020440
www.securitytracker.com/id?1020448
www.securitytracker.com/id?1020449
www.securitytracker.com/id?1020548
www.securitytracker.com/id?1020558
www.securitytracker.com/id?1020560
www.securitytracker.com/id?1020561
www.securitytracker.com/id?1020575
www.securitytracker.com/id?1020576
www.securitytracker.com/id?1020577
www.securitytracker.com/id?1020578
www.securitytracker.com/id?1020579
www.securitytracker.com/id?1020651
www.securitytracker.com/id?1020653
www.securitytracker.com/id?1020702
www.securitytracker.com/id?1020802
www.securitytracker.com/id?1020804
www.ubuntu.com/usn/usn-622-1
www.ubuntu.com/usn/usn-627-1
www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
www.us-cert.gov/cas/techalerts/TA08-190A.html
www.us-cert.gov/cas/techalerts/TA08-190B.html
www.us-cert.gov/cas/techalerts/TA08-260A.html
www.vmware.com/security/advisories/VMSA-2008-0014.html
www.vupen.com/english/advisories/2008/2019/references
www.vupen.com/english/advisories/2008/2023/references
www.vupen.com/english/advisories/2008/2025/references
www.vupen.com/english/advisories/2008/2029/references
www.vupen.com/english/advisories/2008/2030/references
www.vupen.com/english/advisories/2008/2050/references
www.vupen.com/english/advisories/2008/2051/references
www.vupen.com/english/advisories/2008/2052/references
www.vupen.com/english/advisories/2008/2055/references
www.vupen.com/english/advisories/2008/2092/references
www.vupen.com/english/advisories/2008/2113/references
www.vupen.com/english/advisories/2008/2114/references
www.vupen.com/english/advisories/2008/2123/references
www.vupen.com/english/advisories/2008/2139/references
www.vupen.com/english/advisories/2008/2166/references
www.vupen.com/english/advisories/2008/2195/references
www.vupen.com/english/advisories/2008/2196/references
www.vupen.com/english/advisories/2008/2197/references
www.vupen.com/english/advisories/2008/2268
www.vupen.com/english/advisories/2008/2291
www.vupen.com/english/advisories/2008/2334
www.vupen.com/english/advisories/2008/2342
www.vupen.com/english/advisories/2008/2377
www.vupen.com/english/advisories/2008/2383
www.vupen.com/english/advisories/2008/2384
www.vupen.com/english/advisories/2008/2466
www.vupen.com/english/advisories/2008/2467
www.vupen.com/english/advisories/2008/2482
www.vupen.com/english/advisories/2008/2525
www.vupen.com/english/advisories/2008/2549
www.vupen.com/english/advisories/2008/2558
www.vupen.com/english/advisories/2008/2582
www.vupen.com/english/advisories/2008/2584
www.vupen.com/english/advisories/2009/0297
www.vupen.com/english/advisories/2009/0311
www.vupen.com/english/advisories/2010/0622
docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037
exchange.xforce.ibmcloud.com/vulnerabilities/43334
exchange.xforce.ibmcloud.com/vulnerabilities/43637
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627
www.exploit-db.com/exploits/6122
www.exploit-db.com/exploits/6123
www.exploit-db.com/exploits/6130
www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html
www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
95.4%