{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-07-08T00:00:00", "descriptions": [{"lang": "en", "value": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "1020438", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020438"}, {"name": "FEDORA-2008-6256", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html"}, {"name": "SUSE-SR:2008:017", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"}, {"name": "VU#800113", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/800113"}, {"name": "31137", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31137"}, {"name": "31430", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31430"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J"}, {"name": "31169", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31169"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"}, {"name": "1020702", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020702"}, {"name": "GLSA-201209-25", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"name": "ADV-2008-2052", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2052/references"}, {"name": "1020561", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020561"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"}, {"name": "HPSBOV03226", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2"}, {"name": "1020578", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020578"}, {"name": "FreeBSD-SA-08:06", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"}, {"name": "oval:org.mitre.oval:def:9627", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627"}, {"name": "1020802", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020802"}, {"name": "HPSBMP02404", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2"}, {"name": "30131", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30131"}, {"name": "[4.2] 013: SECURITY FIX: July 23, 2008", "tags": ["vendor-advisory", "x_refsource_OPENBSD"], "url": "http://www.openbsd.org/errata42.html#013_bind"}, {"name": "31236", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31236"}, {"name": "APPLE-SA-2008-09-15", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"}, {"name": "1020651", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020651"}, {"name": "1020437", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020437"}, {"name": "31209", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31209"}, {"name": "31012", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31012"}, {"name": "31151", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31151"}, {"name": "ADV-2008-2050", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2050/references"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.citrix.com/article/CTX117991"}, {"name": "SSRT101004", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2"}, {"name": "31237", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31237"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"}, {"name": "APPLE-SA-2008-07-31", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"}, {"name": "win-dns-client-server-spoofing(43334)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"}, {"name": "31495", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31495"}, {"name": "6130", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/6130"}, {"name": "20080708 Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml"}, {"name": "1020579", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020579"}, {"tags": ["x_refsource_MISC"], "url": "http://www.nominum.com/asset_upload_file741_2661.pdf"}, {"name": "1020653", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020653"}, {"name": "30998", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30998"}, {"name": "DSA-1603", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1603"}, {"name": "ADV-2008-2525", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2525"}, {"name": "SUSE-SA:2008:033", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"}, {"name": "31094", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31094"}, {"name": "IZ26668", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668"}, {"name": "31687", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31687"}, {"name": "ADV-2008-2025", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2025/references"}, {"name": "239392", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"}, {"name": "TA08-260A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"}, {"name": "31588", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31588"}, {"name": "31019", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31019"}, {"name": "ADV-2008-2029", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2029/references"}, {"name": "SSRT080058", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2"}, {"name": "6123", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/6123"}, {"name": "IZ26671", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671"}, {"name": "FEDORA-2008-6281", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html"}, {"name": "ADV-2008-2268", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2268"}, {"name": "ADV-2009-0297", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/0297"}, {"name": "HPSBUX02351", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2"}, {"name": "31207", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31207"}, {"name": "31031", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31031"}, {"name": "ADV-2008-2584", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2584"}, {"name": "31451", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31451"}, {"name": "ADV-2008-2051", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2051/references"}, {"name": "30977", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30977"}, {"name": "RHSA-2008:0789", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html"}, {"name": "ADV-2008-2377", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2377"}, {"name": "HPSBNS02405", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"}, {"name": "1020558", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020558"}, {"name": "31221", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31221"}, {"name": "RHSA-2008:0533", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html"}, {"name": "[4.3] 004: SECURITY FIX: July 23, 2008", "tags": ["vendor-advisory", "x_refsource_OPENBSD"], "url": "http://www.openbsd.org/errata43.html#004_bind"}, {"name": "1020804", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020804"}, {"name": "31143", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31143"}, {"name": "20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"}, {"name": "ADV-2008-2195", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2195/references"}, {"name": "ADV-2008-2196", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2196/references"}, {"name": "33714", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33714"}, {"name": "HPSBTU02358", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2"}, {"name": "33786", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33786"}, {"name": "1020448", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020448"}, {"name": "31882", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31882"}, {"name": "ADV-2008-2384", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2384"}, {"name": "IZ26669", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"}, {"name": "ADV-2008-2123", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2123/references"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3026"}, {"name": "31014", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31014"}, {"name": "30979", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30979"}, {"name": "1020575", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020575"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"}, {"name": "ADV-2008-2482", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2482"}, {"name": "IZ26672", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3129"}, {"name": "DSA-1619", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1619"}, {"name": "ADV-2008-2166", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2166/references"}, {"name": "31072", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31072"}, {"name": "ADV-2008-2139", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2139/references"}, {"name": "oval:org.mitre.oval:def:5761", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761"}, {"name": "ADV-2008-2092", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2092/references"}, {"name": "31482", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31482"}, {"name": "IZ26670", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670"}, {"name": "MDVSA-2008:139", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139"}, {"name": "oval:org.mitre.oval:def:5917", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917"}, {"name": "30989", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30989"}, {"name": "ADV-2008-2055", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2055/references"}, {"name": "SSRT071449", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40"}, {"name": "31065", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31065"}, {"name": "31254", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31254"}, {"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.doxpara.com/?p=1176"}, {"name": "NetBSD-SA2008-009", "tags": ["vendor-advisory", "x_refsource_NETBSD"], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc"}, {"name": "USN-627-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-627-1"}, {"name": "ADV-2010-0622", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0622"}, {"name": "1020576", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020576"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"}, {"name": "HPSBOV02357", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520"}, {"name": "31153", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31153"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231"}, {"name": "ADV-2008-2549", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2549"}, {"name": "IZ26667", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html"}, {"name": "31213", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31213"}, {"name": "31030", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31030"}, {"name": "USN-622-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-622-1"}, {"name": "31033", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31033"}, {"tags": ["x_refsource_MISC"], "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"}, {"name": "1020440", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020440"}, {"name": "APPLE-SA-2008-09-12", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.doxpara.com/DMK_BO2K8.ppt"}, {"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"}, {"name": "DSA-1604", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1604"}, {"name": "31823", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31823"}, {"name": "31326", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31326"}, {"name": "ADV-2008-2558", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2558"}, {"name": "6122", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/6122"}, {"name": "oval:org.mitre.oval:def:5725", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725"}, {"tags": ["x_refsource_MISC"], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt"}, {"name": "cisco-multiple-dns-cache-poisoning(43637)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"}, {"name": "ADV-2008-2383", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2383"}, {"name": "1020560", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020560"}, {"name": "31900", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31900"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.citrix.com/article/CTX118183"}, {"name": "30925", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30925"}, {"name": "ADV-2009-0311", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/0311"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018"}, {"name": "DSA-1623", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1623"}, {"name": "ADV-2008-2582", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2582"}, {"tags": ["x_refsource_MISC"], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt"}, {"name": "DSA-1605", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2008/dsa-1605"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.novell.com/support/viewContent.do?externalId=7000912"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"}, {"name": "ADV-2008-2342", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2342"}, {"name": "ADV-2008-2114", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2114/references"}, {"name": "30973", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30973"}, {"name": "31204", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31204"}, {"name": "31354", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31354"}, {"name": "GLSA-200812-17", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"}, {"name": "oval:org.mitre.oval:def:12117", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117"}, {"name": "33178", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33178"}, {"name": "30988", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30988"}, {"name": "APPLE-SA-2008-09-09", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html"}, {"name": "31011", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31011"}, {"tags": ["x_refsource_MISC"], "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"}, {"name": "ADV-2008-2334", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2334"}, {"name": "1020577", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020577"}, {"name": "31422", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31422"}, {"name": "31197", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31197"}, {"name": "1020548", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020548"}, {"name": "ADV-2008-2467", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2467"}, {"name": "240048", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"}, {"name": "TA08-190B", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html"}, {"name": "TA08-190A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html"}, {"name": "GLSA-200807-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"}, {"name": "31022", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31022"}, {"name": "SSA:2008-191", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239"}, {"name": "1020449", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020449"}, {"name": "31093", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31093"}, {"name": "31052", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31052"}, {"name": "30980", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30980"}, {"name": "SSA:2008-205-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"}, {"name": "31199", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31199"}, {"name": "ADV-2008-2030", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2030/references"}, {"name": "ADV-2008-2291", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2291"}, {"name": "ADV-2008-2023", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2023/references"}, {"name": "SSRT090014", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2"}, {"name": "ADV-2008-2466", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2466"}, {"name": "MS08-037", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"}, {"name": "31212", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31212"}, {"name": "ADV-2008-2113", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2113/references"}, {"name": "31152", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31152"}, {"name": "ADV-2008-2019", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2019/references"}, {"name": "ADV-2008-2197", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2197/references"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2008-1447", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1020438", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020438"}, {"name": "FEDORA-2008-6256", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html"}, {"name": "SUSE-SR:2008:017", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"}, {"name": "VU#800113", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/800113"}, {"name": "31137", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31137"}, {"name": "31430", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31430"}, {"name": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J"}, {"name": "31169", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31169"}, {"name": "http://www.phys.uu.nl/~rombouts/pdnsd.html", "refsource": "CONFIRM", "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"}, {"name": "1020702", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020702"}, {"name": "GLSA-201209-25", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"name": "ADV-2008-2052", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2052/references"}, {"name": "1020561", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020561"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"}, {"name": "HPSBOV03226", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2"}, {"name": "1020578", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020578"}, {"name": "FreeBSD-SA-08:06", "refsource": "FREEBSD", "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"}, {"name": "oval:org.mitre.oval:def:9627", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627"}, {"name": "1020802", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020802"}, {"name": "HPSBMP02404", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2"}, {"name": "30131", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30131"}, {"name": "[4.2] 013: SECURITY FIX: July 23, 2008", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata42.html#013_bind"}, {"name": "31236", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31236"}, {"name": "APPLE-SA-2008-09-15", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"}, {"name": "1020651", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020651"}, {"name": "1020437", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020437"}, {"name": "31209", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31209"}, {"name": "31012", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31012"}, {"name": "31151", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31151"}, {"name": "ADV-2008-2050", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2050/references"}, {"name": "http://support.citrix.com/article/CTX117991", "refsource": "CONFIRM", "url": "http://support.citrix.com/article/CTX117991"}, {"name": "SSRT101004", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2"}, {"name": "31237", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31237"}, {"name": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog", "refsource": "CONFIRM", "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"}, {"name": "APPLE-SA-2008-07-31", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"}, {"name": "win-dns-client-server-spoofing(43334)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"}, {"name": "31495", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31495"}, {"name": "6130", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6130"}, {"name": "20080708 Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml"}, {"name": "1020579", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020579"}, {"name": "http://www.nominum.com/asset_upload_file741_2661.pdf", "refsource": "MISC", "url": "http://www.nominum.com/asset_upload_file741_2661.pdf"}, {"name": "1020653", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020653"}, {"name": "30998", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30998"}, {"name": "DSA-1603", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1603"}, {"name": "ADV-2008-2525", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2525"}, {"name": "SUSE-SA:2008:033", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"}, {"name": "31094", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31094"}, {"name": "IZ26668", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668"}, {"name": "31687", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31687"}, {"name": "ADV-2008-2025", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2025/references"}, {"name": "239392", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"}, {"name": "TA08-260A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"}, {"name": "31588", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31588"}, {"name": "31019", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31019"}, {"name": "ADV-2008-2029", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2029/references"}, {"name": "SSRT080058", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2"}, {"name": "6123", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6123"}, {"name": "IZ26671", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671"}, {"name": "FEDORA-2008-6281", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html"}, {"name": "ADV-2008-2268", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2268"}, {"name": "ADV-2009-0297", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0297"}, {"name": "HPSBUX02351", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2"}, {"name": "31207", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31207"}, {"name": "31031", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31031"}, {"name": "ADV-2008-2584", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2584"}, {"name": "31451", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31451"}, {"name": "ADV-2008-2051", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2051/references"}, {"name": "30977", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30977"}, {"name": "RHSA-2008:0789", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html"}, {"name": "ADV-2008-2377", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2377"}, {"name": "HPSBNS02405", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"}, {"name": "1020558", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020558"}, {"name": "31221", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31221"}, {"name": "RHSA-2008:0533", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html"}, {"name": "[4.3] 004: SECURITY FIX: July 23, 2008", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata43.html#004_bind"}, {"name": "1020804", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020804"}, {"name": "31143", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31143"}, {"name": "20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"}, {"name": "ADV-2008-2195", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2195/references"}, {"name": "ADV-2008-2196", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2196/references"}, {"name": "33714", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33714"}, {"name": "HPSBTU02358", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2"}, {"name": "33786", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33786"}, {"name": "1020448", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020448"}, {"name": "31882", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31882"}, {"name": "ADV-2008-2384", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2384"}, {"name": "IZ26669", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669"}, {"name": "http://up2date.astaro.com/2008/08/up2date_7202_released.html", "refsource": "CONFIRM", "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"}, {"name": "ADV-2008-2123", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2123/references"}, {"name": "http://support.apple.com/kb/HT3026", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3026"}, {"name": "31014", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31014"}, {"name": "30979", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30979"}, {"name": "1020575", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020575"}, {"name": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "refsource": "CONFIRM", "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"}, {"name": "ADV-2008-2482", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2482"}, {"name": "IZ26672", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672"}, {"name": "http://support.apple.com/kb/HT3129", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3129"}, {"name": "DSA-1619", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1619"}, {"name": "ADV-2008-2166", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2166/references"}, {"name": "31072", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31072"}, {"name": "ADV-2008-2139", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2139/references"}, {"name": "oval:org.mitre.oval:def:5761", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761"}, {"name": "ADV-2008-2092", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2092/references"}, {"name": "31482", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31482"}, {"name": "IZ26670", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670"}, {"name": "MDVSA-2008:139", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139"}, {"name": "oval:org.mitre.oval:def:5917", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917"}, {"name": "30989", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30989"}, {"name": "ADV-2008-2055", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2055/references"}, {"name": "SSRT071449", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"}, {"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152", "refsource": "CONFIRM", "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152"}, {"name": "http://www.ipcop.org/index.php?name=News&file=article&sid=40", "refsource": "CONFIRM", "url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40"}, {"name": "31065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31065"}, {"name": "31254", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31254"}, {"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"}, {"name": "http://www.doxpara.com/?p=1176", "refsource": "MISC", "url": "http://www.doxpara.com/?p=1176"}, {"name": "NetBSD-SA2008-009", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc"}, {"name": "USN-627-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-627-1"}, {"name": "ADV-2010-0622", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0622"}, {"name": "1020576", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020576"}, {"name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "refsource": "CONFIRM", "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"}, {"name": "HPSBOV02357", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520"}, {"name": "31153", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31153"}, {"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231"}, {"name": "ADV-2008-2549", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2549"}, {"name": "IZ26667", "refsource": "AIXAPAR", "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667"}, {"name": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html", "refsource": "CONFIRM", "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html"}, {"name": "31213", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31213"}, {"name": "31030", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31030"}, {"name": "USN-622-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-622-1"}, {"name": "31033", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31033"}, {"name": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html", "refsource": "MISC", "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"}, {"name": "1020440", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020440"}, {"name": "APPLE-SA-2008-09-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html"}, {"name": "http://www.doxpara.com/DMK_BO2K8.ppt", "refsource": "MISC", "url": "http://www.doxpara.com/DMK_BO2K8.ppt"}, {"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"}, {"name": "DSA-1604", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1604"}, {"name": "31823", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31823"}, {"name": "31326", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31326"}, {"name": "ADV-2008-2558", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2558"}, {"name": "6122", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/6122"}, {"name": "oval:org.mitre.oval:def:5725", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725"}, {"name": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt", "refsource": "MISC", "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt"}, {"name": "cisco-multiple-dns-cache-poisoning(43637)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"}, {"name": "ADV-2008-2383", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2383"}, {"name": "1020560", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020560"}, {"name": "31900", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31900"}, {"name": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q"}, {"name": "http://support.citrix.com/article/CTX118183", "refsource": "CONFIRM", "url": "http://support.citrix.com/article/CTX118183"}, {"name": "30925", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30925"}, {"name": "ADV-2009-0311", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0311"}, {"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018"}, {"name": "DSA-1623", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1623"}, {"name": "ADV-2008-2582", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2582"}, {"name": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt", "refsource": "MISC", "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt"}, {"name": "DSA-1605", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1605"}, {"name": "http://www.novell.com/support/viewContent.do?externalId=7000912", "refsource": "CONFIRM", "url": "http://www.novell.com/support/viewContent.do?externalId=7000912"}, {"name": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning", "refsource": "CONFIRM", "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"}, {"name": "ADV-2008-2342", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2342"}, {"name": "ADV-2008-2114", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2114/references"}, {"name": "30973", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30973"}, {"name": "31204", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31204"}, {"name": "31354", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31354"}, {"name": "GLSA-200812-17", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"}, {"name": "oval:org.mitre.oval:def:12117", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117"}, {"name": "33178", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33178"}, {"name": "30988", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30988"}, {"name": "APPLE-SA-2008-09-09", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html"}, {"name": "31011", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31011"}, {"name": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html", "refsource": "MISC", "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"}, {"name": "ADV-2008-2334", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2334"}, {"name": "1020577", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020577"}, {"name": "31422", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31422"}, {"name": "31197", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31197"}, {"name": "1020548", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020548"}, {"name": "ADV-2008-2467", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2467"}, {"name": "240048", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"}, {"name": "TA08-190B", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html"}, {"name": "TA08-190A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html"}, {"name": "GLSA-200807-08", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"}, {"name": "31022", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31022"}, {"name": "SSA:2008-191", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239"}, {"name": "1020449", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020449"}, {"name": "31093", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31093"}, {"name": "31052", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31052"}, {"name": "30980", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30980"}, {"name": "SSA:2008-205-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"}, {"name": "31199", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31199"}, {"name": "ADV-2008-2030", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2030/references"}, {"name": "ADV-2008-2291", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2291"}, {"name": "ADV-2008-2023", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2023/references"}, {"name": "SSRT090014", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2"}, {"name": "ADV-2008-2466", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2466"}, {"name": "MS08-037", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"}, {"name": "31212", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31212"}, {"name": "ADV-2008-2113", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2113/references"}, {"name": "31152", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31152"}, {"name": "ADV-2008-2019", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2019/references"}, {"name": "ADV-2008-2197", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2197/references"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:24:42.012Z"}, "title": "CVE Program Container", "references": [{"name": "1020438", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020438"}, {"name": "FEDORA-2008-6256", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html"}, {"name": "SUSE-SR:2008:017", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"}, {"name": "VU#800113", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/800113"}, {"name": "31137", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31137"}, {"name": "31430", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31430"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J"}, {"name": "31169", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31169"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"}, {"name": "1020702", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020702"}, {"name": "GLSA-201209-25", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"name": "ADV-2008-2052", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2052/references"}, {"name": "1020561", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020561"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"}, {"name": "HPSBOV03226", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2"}, {"name": "1020578", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020578"}, {"name": "FreeBSD-SA-08:06", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"}, {"name": "oval:org.mitre.oval:def:9627", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627"}, {"name": "1020802", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020802"}, {"name": "HPSBMP02404", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2"}, {"name": "30131", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/30131"}, {"name": "[4.2] 013: SECURITY FIX: July 23, 2008", "tags": ["vendor-advisory", "x_refsource_OPENBSD", "x_transferred"], "url": "http://www.openbsd.org/errata42.html#013_bind"}, {"name": "31236", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31236"}, {"name": "APPLE-SA-2008-09-15", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"}, {"name": "1020651", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020651"}, {"name": "1020437", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020437"}, {"name": "31209", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31209"}, {"name": "31012", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31012"}, {"name": "31151", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31151"}, {"name": "ADV-2008-2050", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2050/references"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.citrix.com/article/CTX117991"}, {"name": "SSRT101004", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2"}, {"name": "31237", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31237"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"}, {"name": "APPLE-SA-2008-07-31", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"}, {"name": "win-dns-client-server-spoofing(43334)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"}, {"name": "31495", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31495"}, {"name": "6130", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/6130"}, {"name": "20080708 Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml"}, {"name": "1020579", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020579"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.nominum.com/asset_upload_file741_2661.pdf"}, {"name": "1020653", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020653"}, {"name": "30998", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30998"}, {"name": "DSA-1603", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1603"}, {"name": "ADV-2008-2525", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2525"}, {"name": "SUSE-SA:2008:033", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"}, {"name": "31094", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31094"}, {"name": "IZ26668", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668"}, {"name": "31687", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31687"}, {"name": "ADV-2008-2025", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2025/references"}, {"name": "239392", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"}, {"name": "TA08-260A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"}, {"name": "31588", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31588"}, {"name": "31019", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31019"}, {"name": "ADV-2008-2029", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2029/references"}, {"name": "SSRT080058", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2"}, {"name": "6123", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/6123"}, {"name": "IZ26671", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671"}, {"name": "FEDORA-2008-6281", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html"}, {"name": "ADV-2008-2268", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2268"}, {"name": "ADV-2009-0297", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/0297"}, {"name": "HPSBUX02351", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2"}, {"name": "31207", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31207"}, {"name": "31031", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31031"}, {"name": "ADV-2008-2584", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2584"}, {"name": "31451", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31451"}, {"name": "ADV-2008-2051", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2051/references"}, {"name": "30977", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30977"}, {"name": "RHSA-2008:0789", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html"}, {"name": "ADV-2008-2377", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2377"}, {"name": "HPSBNS02405", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"}, {"name": "1020558", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020558"}, {"name": "31221", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31221"}, {"name": "RHSA-2008:0533", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html"}, {"name": "[4.3] 004: SECURITY FIX: July 23, 2008", "tags": ["vendor-advisory", "x_refsource_OPENBSD", "x_transferred"], "url": "http://www.openbsd.org/errata43.html#004_bind"}, {"name": "1020804", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020804"}, {"name": "31143", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31143"}, {"name": "20080808 New paper: An Illustrated Guide to the Kaminsky DNS Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"}, {"name": "ADV-2008-2195", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2195/references"}, {"name": "ADV-2008-2196", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2196/references"}, {"name": "33714", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33714"}, {"name": "HPSBTU02358", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2"}, {"name": "33786", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33786"}, {"name": "1020448", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020448"}, {"name": "31882", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31882"}, {"name": "ADV-2008-2384", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2384"}, {"name": "IZ26669", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"}, {"name": "ADV-2008-2123", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2123/references"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT3026"}, {"name": "31014", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31014"}, {"name": "30979", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30979"}, {"name": "1020575", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020575"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"}, {"name": "ADV-2008-2482", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2482"}, {"name": "IZ26672", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT3129"}, {"name": "DSA-1619", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1619"}, {"name": "ADV-2008-2166", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2166/references"}, {"name": "31072", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31072"}, {"name": "ADV-2008-2139", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2139/references"}, {"name": "oval:org.mitre.oval:def:5761", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761"}, {"name": "ADV-2008-2092", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2092/references"}, {"name": "31482", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31482"}, {"name": "IZ26670", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670"}, {"name": "MDVSA-2008:139", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139"}, {"name": "oval:org.mitre.oval:def:5917", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917"}, {"name": "30989", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30989"}, {"name": "ADV-2008-2055", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2055/references"}, {"name": "SSRT071449", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40"}, {"name": "31065", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31065"}, {"name": "31254", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31254"}, {"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.doxpara.com/?p=1176"}, {"name": "NetBSD-SA2008-009", "tags": ["vendor-advisory", "x_refsource_NETBSD", "x_transferred"], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc"}, {"name": "USN-627-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-627-1"}, {"name": "ADV-2010-0622", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0622"}, {"name": "1020576", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020576"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"}, {"name": "HPSBOV02357", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520"}, {"name": "31153", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31153"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231"}, {"name": "ADV-2008-2549", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2549"}, {"name": "IZ26667", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html"}, {"name": "31213", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31213"}, {"name": "31030", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31030"}, {"name": "USN-622-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-622-1"}, {"name": "31033", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31033"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"}, {"name": "1020440", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020440"}, {"name": "APPLE-SA-2008-09-12", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.doxpara.com/DMK_BO2K8.ppt"}, {"name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"}, {"name": "DSA-1604", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1604"}, {"name": "31823", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31823"}, {"name": "31326", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31326"}, {"name": "ADV-2008-2558", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2558"}, {"name": "6122", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/6122"}, {"name": "oval:org.mitre.oval:def:5725", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt"}, {"name": "cisco-multiple-dns-cache-poisoning(43637)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"}, {"name": "ADV-2008-2383", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2383"}, {"name": "1020560", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020560"}, {"name": "31900", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31900"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.citrix.com/article/CTX118183"}, {"name": "30925", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30925"}, {"name": "ADV-2009-0311", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/0311"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018"}, {"name": "DSA-1623", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1623"}, {"name": "ADV-2008-2582", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2582"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt"}, {"name": "DSA-1605", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2008/dsa-1605"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.novell.com/support/viewContent.do?externalId=7000912"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"}, {"name": "ADV-2008-2342", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2342"}, {"name": "ADV-2008-2114", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2114/references"}, {"name": "30973", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30973"}, {"name": "31204", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31204"}, {"name": "31354", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31354"}, {"name": "GLSA-200812-17", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"}, {"name": "oval:org.mitre.oval:def:12117", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117"}, {"name": "33178", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33178"}, {"name": "30988", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30988"}, {"name": "APPLE-SA-2008-09-09", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html"}, {"name": "31011", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31011"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"}, {"name": "ADV-2008-2334", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2334"}, {"name": "1020577", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020577"}, {"name": "31422", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31422"}, {"name": "31197", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31197"}, {"name": "1020548", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020548"}, {"name": "ADV-2008-2467", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2467"}, {"name": "240048", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"}, {"name": "TA08-190B", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html"}, {"name": "TA08-190A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html"}, {"name": "GLSA-200807-08", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"}, {"name": "31022", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31022"}, {"name": "SSA:2008-191", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239"}, {"name": "1020449", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020449"}, {"name": "31093", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31093"}, {"name": "31052", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31052"}, {"name": "30980", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30980"}, {"name": "SSA:2008-205-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"}, {"name": "31199", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31199"}, {"name": "ADV-2008-2030", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2030/references"}, {"name": "ADV-2008-2291", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2291"}, {"name": "ADV-2008-2023", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2023/references"}, {"name": "SSRT090014", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2"}, {"name": "ADV-2008-2466", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2466"}, {"name": "MS08-037", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"}, {"name": "31212", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31212"}, {"name": "ADV-2008-2113", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2113/references"}, {"name": "31152", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31152"}, {"name": "ADV-2008-2019", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2019/references"}, {"name": "ADV-2008-2197", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2197/references"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2008-1447", "datePublished": "2008-07-08T23:00:00", "dateReserved": "2008-03-21T00:00:00", "dateUpdated": "2024-08-07T08:24:42.012Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF", "vulnerable": false}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501", "vulnerable": false}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468", "vulnerable": false}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701", "vulnerable": false}, {"criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52", "vulnerable": false}, {"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "matchCriteriaId": "E3C43D05-40F8-4769-BA6B-A376420EA972", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "matchCriteriaId": "69117328-A5AD-48A5-A56A-0AA8805A113E", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "matchCriteriaId": "3ECE18F6-9DDD-4354-9012-B0660E184E83", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "matchCriteriaId": "4A2B4F1C-737D-40DA-B12E-6C664F9A7ECA", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "matchCriteriaId": "DBBCB4B2-8007-4AD5-946E-396330E7DC31", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "matchCriteriaId": "68758D17-44AF-4472-928C-3B94A7EAD671", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "matchCriteriaId": "76EDD7D7-4567-4007-86A3-95E907616C6A", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "matchCriteriaId": "7A933555-D875-47B9-BFA7-E030B04C1197", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "matchCriteriaId": "4BAA5F63-9A88-4B38-B284-B6E6170F12A8", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "matchCriteriaId": "9F168D81-2D2B-4B75-B907-A8AE2A3523C5", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "matchCriteriaId": "1778D813-845D-4B79-B9AF-5D4E0B461C75", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "matchCriteriaId": "A2E917A1-AFE1-4AA3-AB80-A69F152BAB51", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "matchCriteriaId": "C8203007-1723-431B-ADDE-C5FE76A88619", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "matchCriteriaId": "423102CB-1FA1-46BB-8345-412F35DB25B7", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "matchCriteriaId": "98E956AB-6A8E-4C5D-89D5-52BC374B1D7C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "matchCriteriaId": "676A5A3B-EFE5-4B84-8F8E-CF952003F48F", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "matchCriteriaId": "4902A7BD-0645-4CAC-8EA8-24BD2D8B893A", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "matchCriteriaId": "D6B5646C-FF04-4D3D-B39E-27C1056962EA", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "matchCriteriaId": "7361D8F0-FE84-41D0-9C62-F180339DD40A", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "matchCriteriaId": "5454336D-724E-4027-A642-1EFCB79C1ADC", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "matchCriteriaId": "1E3C0D00-DF20-4B46-8A7D-99D963BD921E", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "matchCriteriaId": "7904F3D9-A6B0-4ED6-8BAD-2D26C118C0F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "90E4653A-C63A-4568-BFF2-ECAB7AB5A55C", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\""}, {"lang": "es", "value": "El protocolo DNS, como es implementado en (1) BIND 8 y 9 en versiones anteriores a 9.5.0-P1, 9.4.2-P1 y 9.3.5-P1; (2) Microsoft DNS en Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP1 y SP2; y otras implementaciones permiten a atacantes remotos suplantar el tr\u00e1fico DNS a trav\u00e9s de un ataque de un cumplea\u00f1os que usa referencias in-bailiwick para llevar a cabo un envenenamiento del cach\u00e9 contra resolutores recursivos, relacionado con la insifuciente aleatoriedad de la ID de la transacci\u00f3n DNS y los puertos de origen, vulnerabilidad tambi\u00e9n conocida como \"DNS Insufficient Socket Entropy Vulnerability\" o \"the Kaminsky bug\"."}], "id": "CVE-2008-1447", "lastModified": "2020-03-24T18:19:46.383", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2008-07-08T23:41:00.000", "references": [{"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "Vendor Advisory"], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc"}, {"source": "secure@microsoft.com", "tags": ["Technical Description"], "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"}, {"source": "secure@microsoft.com", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520"}, {"source": "secure@microsoft.com", "tags": ["Broken Link"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"}, {"source": "secure@microsoft.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"}, {"source": "secure@microsoft.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html"}, {"source": "secure@microsoft.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html"}, {"source": "secure@microsoft.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"}, {"source": "secure@microsoft.com", "tags": ["Broken Link"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30925"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30973"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30977"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30979"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30980"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "Vendor Advisory"], "url": "http://secunia.com/advisories/30988"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30989"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30998"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31011"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31012"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31014"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31019"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31022"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31030"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31031"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31033"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31052"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31065"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31072"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31093"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31094"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31137"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31143"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31151"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31152"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31153"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31169"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31197"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31199"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31204"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31207"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31209"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31212"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31213"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31221"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31236"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31237"}, {"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/31254"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31326"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31354"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31422"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31430"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31451"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31482"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31495"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31588"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31687"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31823"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31882"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31900"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/33178"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/33714"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/33786"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://support.apple.com/kb/HT3026"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://support.apple.com/kb/HT3129"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://support.citrix.com/article/CTX117991"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://support.citrix.com/article/CTX118183"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml"}, {"source": "secure@microsoft.com", "tags": ["Patch"], "url": "http://www.debian.org/security/2008/dsa-1603"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2008/dsa-1604"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2008/dsa-1605"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2008/dsa-1619"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2008/dsa-1623"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.doxpara.com/?p=1176"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.doxpara.com/DMK_BO2K8.ppt"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/800113"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.nominum.com/asset_upload_file741_2661.pdf"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.novell.com/support/viewContent.do?externalId=7000912"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.openbsd.org/errata42.html#013_bind"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.openbsd.org/errata43.html#004_bind"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/30131"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020437"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020438"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020440"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020448"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020449"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020548"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020558"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020560"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020561"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020575"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020576"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020577"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020578"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020579"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020651"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020653"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020702"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020802"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020804"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-622-1"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-627-1"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2019/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2023/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2025/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2029/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2030/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2050/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2051/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2052/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2055/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2092/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2113/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2114/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2123/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2139/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2166/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2195/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2196/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2197/references"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2268"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2291"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2334"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2342"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2377"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2383"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2384"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2466"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2467"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2482"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2525"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2549"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2558"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2582"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/2584"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2009/0297"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2009/0311"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0622"}, {"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"}, {"source": "secure@microsoft.com", "tags": ["Tool Signature"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117"}, {"source": "secure@microsoft.com", "tags": ["Tool Signature"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725"}, {"source": "secure@microsoft.com", "tags": ["Tool Signature"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761"}, {"source": "secure@microsoft.com", "tags": ["Tool Signature"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917"}, {"source": "secure@microsoft.com", "tags": ["Tool Signature"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/6122"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/6123"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/6130"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html"}, {"source": "secure@microsoft.com", "tags": ["Third Party Advisory"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html"}], "sourceIdentifier": "secure@microsoft.com", "vendorComments": [{"comment": "http://rhn.redhat.com/errata/RHSA-2008-0533.html", "lastModified": "2008-07-09T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-331"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Dan Kaminsky for reporting this issue.", "affected_release": [{"advisory": "RHSA-2008:0533", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "package": "bind-0:9.2.1-10.el2", "product_name": "Red Hat Enterprise Linux 2.1", "release_date": "2008-07-08T00:00:00Z"}, {"advisory": "RHSA-2008:0533", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "bind-20:9.2.4-22.el3", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2008-07-08T00:00:00Z"}, {"advisory": "RHSA-2008:0533", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "bind-20:9.2.4-28.0.1.el4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2008-07-08T00:00:00Z"}, {"advisory": "RHSA-2008:0533", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "selinux-policy-targeted-0:1.17.30-2.150.el4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2008-07-08T00:00:00Z"}, {"advisory": "RHSA-2008:0533", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "bind-30:9.3.4-6.0.2.P1.el5_2", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2008-07-08T00:00:00Z"}, {"advisory": "RHSA-2008:0533", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "selinux-policy-0:2.4.6-137.1.el5_2", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2008-07-08T00:00:00Z"}, {"advisory": "RHSA-2008:0789", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "dnsmasq-0:2.45-1.el5_2.1", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2008-08-11T00:00:00Z"}], "bugzilla": {"description": "bind: implement source UDP port randomization (CERT VU#800113)", "id": "449345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345"}, "csaw": false, "details": ["The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\""], "name": "CVE-2008-1447", "public_date": "2008-07-08T18:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2008-1447\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-1447"], "threat_severity": "Important"}