6.8
MEDIUM
CVE-2008-1447
BIND Kaminsky DNS Cache Poisoning Vulnerability
Description
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
INFO
Published Date :
July 8, 2008, 11:41 p.m.
Last Modified :
Nov. 21, 2024, 12:44 a.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
4.0
Exploitability Score :
2.2
Public PoC/Exploit Available at Github
CVE-2008-1447 has a 1 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
Affected Products
The following products are affected by CVE-2008-1447
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2008-1447.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
None
Updated: 2 years, 8 months ago
0 stars
0 fork
0 watcher
Born at : Feb. 28, 2022, 7:52 a.m.
This repo has been linked 1 different CVEs too.
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2008-1447 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2008-1447 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value -
Modified Analysis by [email protected]
Mar. 24, 2020
Action Type Old Value New Value Changed CPE Configuration AND OR cpe:2.3:o:canonical:ubuntu:6.06:*:lts:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:8.04:*:lts:*:*:*:*:* cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* OR *cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:* AND OR cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:* cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:* cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:* cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:* cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* OR *cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:* -
Modified Analysis by [email protected]
Sep. 27, 2019
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N Changed Reference Type ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc Vendor Advisory ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc Third Party Advisory, Vendor Advisory Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html Third Party Advisory http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html Mailing List, Third Party Advisory Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html Third Party Advisory http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html Mailing List, Third Party Advisory Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html Third Party Advisory http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html Mailing List, Third Party Advisory Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html Third Party Advisory http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html Mailing List, Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=121630706004256&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=121630706004256&w=2 Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=121866517322103&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=121866517322103&w=2 Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=123324863916385&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=123324863916385&w=2 Third Party Advisory Changed Reference Type http://marc.info/?l=bugtraq&m=141879471518471&w=2 No Types Assigned http://marc.info/?l=bugtraq&m=141879471518471&w=2 Third Party Advisory Changed Reference Type http://rhn.redhat.com/errata/RHSA-2008-0533.html No Types Assigned http://rhn.redhat.com/errata/RHSA-2008-0533.html Third Party Advisory Changed Reference Type http://secunia.com/advisories/30925 No Types Assigned http://secunia.com/advisories/30925 Third Party Advisory Changed Reference Type http://secunia.com/advisories/30973 No Types Assigned http://secunia.com/advisories/30973 Third Party Advisory Changed Reference Type http://secunia.com/advisories/30977 No Types Assigned http://secunia.com/advisories/30977 Third Party Advisory Changed Reference Type http://secunia.com/advisories/30979 No Types Assigned http://secunia.com/advisories/30979 Third Party Advisory Changed Reference Type http://secunia.com/advisories/30980 No Types Assigned http://secunia.com/advisories/30980 Third Party Advisory Changed Reference Type http://secunia.com/advisories/30988 Vendor Advisory http://secunia.com/advisories/30988 Third Party Advisory, Vendor Advisory Changed Reference Type http://secunia.com/advisories/30998 No Types Assigned http://secunia.com/advisories/30998 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31011 No Types Assigned http://secunia.com/advisories/31011 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31012 No Types Assigned http://secunia.com/advisories/31012 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31014 No Types Assigned http://secunia.com/advisories/31014 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31019 No Types Assigned http://secunia.com/advisories/31019 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31022 No Types Assigned http://secunia.com/advisories/31022 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31030 No Types Assigned http://secunia.com/advisories/31030 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31031 No Types Assigned http://secunia.com/advisories/31031 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31065 No Types Assigned http://secunia.com/advisories/31065 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31072 No Types Assigned http://secunia.com/advisories/31072 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31093 No Types Assigned http://secunia.com/advisories/31093 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31143 No Types Assigned http://secunia.com/advisories/31143 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31151 No Types Assigned http://secunia.com/advisories/31151 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31152 No Types Assigned http://secunia.com/advisories/31152 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31153 No Types Assigned http://secunia.com/advisories/31153 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31169 No Types Assigned http://secunia.com/advisories/31169 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31199 No Types Assigned http://secunia.com/advisories/31199 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31204 No Types Assigned http://secunia.com/advisories/31204 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31209 No Types Assigned http://secunia.com/advisories/31209 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31212 No Types Assigned http://secunia.com/advisories/31212 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31213 No Types Assigned http://secunia.com/advisories/31213 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31221 No Types Assigned http://secunia.com/advisories/31221 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31236 No Types Assigned http://secunia.com/advisories/31236 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31326 No Types Assigned http://secunia.com/advisories/31326 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31354 No Types Assigned http://secunia.com/advisories/31354 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31422 No Types Assigned http://secunia.com/advisories/31422 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31430 No Types Assigned http://secunia.com/advisories/31430 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31451 No Types Assigned http://secunia.com/advisories/31451 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31482 No Types Assigned http://secunia.com/advisories/31482 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31495 No Types Assigned http://secunia.com/advisories/31495 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31588 No Types Assigned http://secunia.com/advisories/31588 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31687 No Types Assigned http://secunia.com/advisories/31687 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31823 No Types Assigned http://secunia.com/advisories/31823 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31882 No Types Assigned http://secunia.com/advisories/31882 Third Party Advisory Changed Reference Type http://secunia.com/advisories/31900 No Types Assigned http://secunia.com/advisories/31900 Third Party Advisory Changed Reference Type http://secunia.com/advisories/33178 No Types Assigned http://secunia.com/advisories/33178 Third Party Advisory Changed Reference Type http://secunia.com/advisories/33714 No Types Assigned http://secunia.com/advisories/33714 Third Party Advisory Changed Reference Type http://secunia.com/advisories/33786 No Types Assigned http://secunia.com/advisories/33786 Third Party Advisory Changed Reference Type http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc No Types Assigned http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc Third Party Advisory Changed Reference Type http://security.gentoo.org/glsa/glsa-200807-08.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200807-08.xml Third Party Advisory Changed Reference Type http://security.gentoo.org/glsa/glsa-200812-17.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200812-17.xml Third Party Advisory Changed Reference Type http://security.gentoo.org/glsa/glsa-201209-25.xml No Types Assigned http://security.gentoo.org/glsa/glsa-201209-25.xml Third Party Advisory Changed Reference Type http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680 No Types Assigned http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680 Third Party Advisory Changed Reference Type http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239 No Types Assigned http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239 Third Party Advisory Changed Reference Type http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1 No Types Assigned http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1 Third Party Advisory Changed Reference Type http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1 No Types Assigned http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1 Third Party Advisory Changed Reference Type http://support.apple.com/kb/HT3026 No Types Assigned http://support.apple.com/kb/HT3026 Third Party Advisory Changed Reference Type http://support.apple.com/kb/HT3129 No Types Assigned http://support.apple.com/kb/HT3129 Third Party Advisory Changed Reference Type http://support.citrix.com/article/CTX117991 No Types Assigned http://support.citrix.com/article/CTX117991 Third Party Advisory Changed Reference Type http://support.citrix.com/article/CTX118183 No Types Assigned http://support.citrix.com/article/CTX118183 Third Party Advisory Changed Reference Type http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152 No Types Assigned http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152 Third Party Advisory Changed Reference Type http://up2date.astaro.com/2008/08/up2date_7202_released.html No Types Assigned http://up2date.astaro.com/2008/08/up2date_7202_released.html Third Party Advisory Changed Reference Type http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231 No Types Assigned http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231 Third Party Advisory Changed Reference Type http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018 No Types Assigned http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018 Third Party Advisory Changed Reference Type http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning No Types Assigned http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning Third Party Advisory Changed Reference Type http://www.caughq.org/exploits/CAU-EX-2008-0002.txt No Types Assigned http://www.caughq.org/exploits/CAU-EX-2008-0002.txt Third Party Advisory Changed Reference Type http://www.caughq.org/exploits/CAU-EX-2008-0003.txt No Types Assigned http://www.caughq.org/exploits/CAU-EX-2008-0003.txt Third Party Advisory Changed Reference Type http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml No Types Assigned http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml Third Party Advisory Changed Reference Type http://www.debian.org/security/2008/dsa-1604 No Types Assigned http://www.debian.org/security/2008/dsa-1604 Third Party Advisory Changed Reference Type http://www.debian.org/security/2008/dsa-1605 No Types Assigned http://www.debian.org/security/2008/dsa-1605 Third Party Advisory Changed Reference Type http://www.debian.org/security/2008/dsa-1619 No Types Assigned http://www.debian.org/security/2008/dsa-1619 Third Party Advisory Changed Reference Type http://www.debian.org/security/2008/dsa-1623 No Types Assigned http://www.debian.org/security/2008/dsa-1623 Third Party Advisory Changed Reference Type http://www.doxpara.com/?p=1176 No Types Assigned http://www.doxpara.com/?p=1176 Third Party Advisory Changed Reference Type http://www.doxpara.com/DMK_BO2K8.ppt No Types Assigned http://www.doxpara.com/DMK_BO2K8.ppt Third Party Advisory Changed Reference Type http://www.ibm.com/support/docview.wss?uid=isg1IZ26667 No Types Assigned http://www.ibm.com/support/docview.wss?uid=isg1IZ26667 Third Party Advisory Changed Reference Type http://www.ibm.com/support/docview.wss?uid=isg1IZ26668 No Types Assigned http://www.ibm.com/support/docview.wss?uid=isg1IZ26668 Third Party Advisory Changed Reference Type http://www.ibm.com/support/docview.wss?uid=isg1IZ26669 No Types Assigned http://www.ibm.com/support/docview.wss?uid=isg1IZ26669 Third Party Advisory Changed Reference Type http://www.ibm.com/support/docview.wss?uid=isg1IZ26670 No Types Assigned http://www.ibm.com/support/docview.wss?uid=isg1IZ26670 Third Party Advisory Changed Reference Type http://www.ibm.com/support/docview.wss?uid=isg1IZ26671 No Types Assigned http://www.ibm.com/support/docview.wss?uid=isg1IZ26671 Third Party Advisory Changed Reference Type http://www.ibm.com/support/docview.wss?uid=isg1IZ26672 No Types Assigned http://www.ibm.com/support/docview.wss?uid=isg1IZ26672 Third Party Advisory Changed Reference Type http://www.ipcop.org/index.php?name=News&file=article&sid=40 No Types Assigned http://www.ipcop.org/index.php?name=News&file=article&sid=40 Third Party Advisory Changed Reference Type http://www.isc.org/index.pl?/sw/bind/bind-security.php No Types Assigned http://www.isc.org/index.pl?/sw/bind/bind-security.php Third Party Advisory Changed Reference Type http://www.kb.cert.org/vuls/id/800113 US Government Resource http://www.kb.cert.org/vuls/id/800113 Third Party Advisory, US Government Resource Changed Reference Type http://www.kb.cert.org/vuls/id/MIMG-7DWR4J No Types Assigned http://www.kb.cert.org/vuls/id/MIMG-7DWR4J Third Party Advisory, US Government Resource Changed Reference Type http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q No Types Assigned http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q Third Party Advisory, US Government Resource Changed Reference Type http://www.mandriva.com/security/advisories?name=MDVSA-2008:139 No Types Assigned http://www.mandriva.com/security/advisories?name=MDVSA-2008:139 Third Party Advisory Changed Reference Type http://www.nominum.com/asset_upload_file741_2661.pdf No Types Assigned http://www.nominum.com/asset_upload_file741_2661.pdf Third Party Advisory Changed Reference Type http://www.novell.com/support/viewContent.do?externalId=7000912 No Types Assigned http://www.novell.com/support/viewContent.do?externalId=7000912 Third Party Advisory Changed Reference Type http://www.openbsd.org/errata42.html#013_bind No Types Assigned http://www.openbsd.org/errata42.html#013_bind Third Party Advisory Changed Reference Type http://www.openbsd.org/errata43.html#004_bind No Types Assigned http://www.openbsd.org/errata43.html#004_bind Third Party Advisory Changed Reference Type http://www.phys.uu.nl/~rombouts/pdnsd.html No Types Assigned http://www.phys.uu.nl/~rombouts/pdnsd.html Third Party Advisory Changed Reference Type http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog No Types Assigned http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog Third Party Advisory Changed Reference Type http://www.redhat.com/support/errata/RHSA-2008-0789.html No Types Assigned http://www.redhat.com/support/errata/RHSA-2008-0789.html Third Party Advisory Changed Reference Type http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html No Types Assigned http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html Third Party Advisory Changed Reference Type http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ No Types Assigned http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ Third Party Advisory Changed Reference Type http://www.securityfocus.com/archive/1/495289/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/495289/100/0/threaded Third Party Advisory, VDB Entry Changed Reference Type http://www.securityfocus.com/archive/1/495869/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/495869/100/0/threaded Third Party Advisory, VDB Entry Changed Reference Type http://www.securityfocus.com/bid/30131 No Types Assigned http://www.securityfocus.com/bid/30131 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020437 No Types Assigned http://www.securitytracker.com/id?1020437 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020438 No Types Assigned http://www.securitytracker.com/id?1020438 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020440 No Types Assigned http://www.securitytracker.com/id?1020440 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020448 No Types Assigned http://www.securitytracker.com/id?1020448 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020449 No Types Assigned http://www.securitytracker.com/id?1020449 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020548 No Types Assigned http://www.securitytracker.com/id?1020548 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020558 No Types Assigned http://www.securitytracker.com/id?1020558 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020560 No Types Assigned http://www.securitytracker.com/id?1020560 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020561 No Types Assigned http://www.securitytracker.com/id?1020561 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020575 No Types Assigned http://www.securitytracker.com/id?1020575 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020576 No Types Assigned http://www.securitytracker.com/id?1020576 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020577 No Types Assigned http://www.securitytracker.com/id?1020577 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020578 No Types Assigned http://www.securitytracker.com/id?1020578 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020579 No Types Assigned http://www.securitytracker.com/id?1020579 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020651 No Types Assigned http://www.securitytracker.com/id?1020651 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020653 No Types Assigned http://www.securitytracker.com/id?1020653 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020702 No Types Assigned http://www.securitytracker.com/id?1020702 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020802 No Types Assigned http://www.securitytracker.com/id?1020802 Third Party Advisory, VDB Entry Changed Reference Type http://www.securitytracker.com/id?1020804 No Types Assigned http://www.securitytracker.com/id?1020804 Third Party Advisory, VDB Entry Changed Reference Type http://www.ubuntu.com/usn/usn-622-1 No Types Assigned http://www.ubuntu.com/usn/usn-622-1 Third Party Advisory Changed Reference Type http://www.ubuntu.com/usn/usn-627-1 No Types Assigned http://www.ubuntu.com/usn/usn-627-1 Third Party Advisory Changed Reference Type http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html No Types Assigned http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html Third Party Advisory Changed Reference Type http://www.us-cert.gov/cas/techalerts/TA08-190A.html US Government Resource http://www.us-cert.gov/cas/techalerts/TA08-190A.html Third Party Advisory, US Government Resource Changed Reference Type http://www.us-cert.gov/cas/techalerts/TA08-190B.html US Government Resource http://www.us-cert.gov/cas/techalerts/TA08-190B.html Third Party Advisory, US Government Resource Changed Reference Type http://www.us-cert.gov/cas/techalerts/TA08-260A.html US Government Resource http://www.us-cert.gov/cas/techalerts/TA08-260A.html Third Party Advisory, US Government Resource Changed Reference Type http://www.vmware.com/security/advisories/VMSA-2008-0014.html No Types Assigned http://www.vmware.com/security/advisories/VMSA-2008-0014.html Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2019/references No Types Assigned http://www.vupen.com/english/advisories/2008/2019/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2023/references No Types Assigned http://www.vupen.com/english/advisories/2008/2023/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2025/references No Types Assigned http://www.vupen.com/english/advisories/2008/2025/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2029/references No Types Assigned http://www.vupen.com/english/advisories/2008/2029/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2030/references No Types Assigned http://www.vupen.com/english/advisories/2008/2030/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2050/references No Types Assigned http://www.vupen.com/english/advisories/2008/2050/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2051/references No Types Assigned http://www.vupen.com/english/advisories/2008/2051/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2052/references No Types Assigned http://www.vupen.com/english/advisories/2008/2052/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2055/references No Types Assigned http://www.vupen.com/english/advisories/2008/2055/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2092/references No Types Assigned http://www.vupen.com/english/advisories/2008/2092/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2113/references No Types Assigned http://www.vupen.com/english/advisories/2008/2113/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2114/references No Types Assigned http://www.vupen.com/english/advisories/2008/2114/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2123/references No Types Assigned http://www.vupen.com/english/advisories/2008/2123/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2139/references No Types Assigned http://www.vupen.com/english/advisories/2008/2139/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2166/references No Types Assigned http://www.vupen.com/english/advisories/2008/2166/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2195/references No Types Assigned http://www.vupen.com/english/advisories/2008/2195/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2196/references No Types Assigned http://www.vupen.com/english/advisories/2008/2196/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2197/references No Types Assigned http://www.vupen.com/english/advisories/2008/2197/references Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2268 No Types Assigned http://www.vupen.com/english/advisories/2008/2268 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2291 No Types Assigned http://www.vupen.com/english/advisories/2008/2291 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2334 No Types Assigned http://www.vupen.com/english/advisories/2008/2334 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2342 No Types Assigned http://www.vupen.com/english/advisories/2008/2342 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2377 No Types Assigned http://www.vupen.com/english/advisories/2008/2377 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2383 No Types Assigned http://www.vupen.com/english/advisories/2008/2383 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2384 No Types Assigned http://www.vupen.com/english/advisories/2008/2384 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2466 No Types Assigned http://www.vupen.com/english/advisories/2008/2466 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2467 No Types Assigned http://www.vupen.com/english/advisories/2008/2467 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2482 No Types Assigned http://www.vupen.com/english/advisories/2008/2482 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2525 No Types Assigned http://www.vupen.com/english/advisories/2008/2525 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2549 No Types Assigned http://www.vupen.com/english/advisories/2008/2549 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2558 No Types Assigned http://www.vupen.com/english/advisories/2008/2558 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2582 No Types Assigned http://www.vupen.com/english/advisories/2008/2582 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2008/2584 No Types Assigned http://www.vupen.com/english/advisories/2008/2584 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2009/0297 No Types Assigned http://www.vupen.com/english/advisories/2009/0297 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2009/0311 No Types Assigned http://www.vupen.com/english/advisories/2009/0311 Third Party Advisory Changed Reference Type http://www.vupen.com/english/advisories/2010/0622 No Types Assigned http://www.vupen.com/english/advisories/2010/0622 Third Party Advisory Changed Reference Type https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037 No Types Assigned https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037 Patch, Vendor Advisory Changed Reference Type https://exchange.xforce.ibmcloud.com/vulnerabilities/43334 No Types Assigned https://exchange.xforce.ibmcloud.com/vulnerabilities/43334 Third Party Advisory, VDB Entry Changed Reference Type https://exchange.xforce.ibmcloud.com/vulnerabilities/43637 No Types Assigned https://exchange.xforce.ibmcloud.com/vulnerabilities/43637 Third Party Advisory, VDB Entry Changed Reference Type https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117 No Types Assigned https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117 Tool Signature Changed Reference Type https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725 No Types Assigned https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725 Tool Signature Changed Reference Type https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761 No Types Assigned https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761 Tool Signature Changed Reference Type https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917 No Types Assigned https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917 Tool Signature Changed Reference Type https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627 No Types Assigned https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627 Tool Signature Changed Reference Type https://www.exploit-db.com/exploits/6122 No Types Assigned https://www.exploit-db.com/exploits/6122 Third Party Advisory, VDB Entry Changed Reference Type https://www.exploit-db.com/exploits/6123 No Types Assigned https://www.exploit-db.com/exploits/6123 Third Party Advisory, VDB Entry Changed Reference Type https://www.exploit-db.com/exploits/6130 No Types Assigned https://www.exploit-db.com/exploits/6130 Third Party Advisory, VDB Entry Changed Reference Type https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html No Types Assigned https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html Third Party Advisory Changed Reference Type https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html No Types Assigned https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html Third Party Advisory Removed CWE CWE-310 Added CWE CWE-331 -
CVE Modified by [email protected]
Oct. 12, 2018
Action Type Old Value New Value Removed Reference http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx [Patch, Vendor Advisory] Added Reference https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037 [No Types Assigned] -
CVE Modified by [email protected]
Oct. 11, 2018
Action Type Old Value New Value Removed Reference http://www.securityfocus.com/archive/1/archive/1/495869/100/0/threaded [No Types Assigned] Removed Reference http://www.securityfocus.com/archive/1/archive/1/495289/100/0/threaded [No Types Assigned] Added Reference http://www.securityfocus.com/archive/1/495869/100/0/threaded [No Types Assigned] Added Reference http://www.securityfocus.com/archive/1/495289/100/0/threaded [No Types Assigned] -
CVE Modified by [email protected]
Sep. 29, 2017
Action Type Old Value New Value Removed Reference http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5917 [No Types Assigned] Removed Reference http://www.milw0rm.com/exploits/6123 [Exploit] Removed Reference http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5761 [No Types Assigned] Removed Reference http://www.milw0rm.com/exploits/6130 [No Types Assigned] Removed Reference http://www.milw0rm.com/exploits/6122 [Exploit] Removed Reference http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5725 [No Types Assigned] Removed Reference http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9627 [No Types Assigned] Removed Reference http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12117 [No Types Assigned] Added Reference https://www.exploit-db.com/exploits/6130 [No Types Assigned] Added Reference https://www.exploit-db.com/exploits/6123 [No Types Assigned] Added Reference https://www.exploit-db.com/exploits/6122 [No Types Assigned] Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627 [No Types Assigned] Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917 [No Types Assigned] Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761 [No Types Assigned] Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725 [No Types Assigned] Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117 [No Types Assigned] -
CVE Modified by [email protected]
Aug. 08, 2017
Action Type Old Value New Value Removed Reference http://xforce.iss.net/xforce/xfdb/43334 [No Types Assigned] Removed Reference http://xforce.iss.net/xforce/xfdb/43637 [No Types Assigned] Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/43637 [No Types Assigned] Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/43334 [No Types Assigned] -
CVE Modified by [email protected]
Feb. 19, 2017
Action Type Old Value New Value Added Reference http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml [No Types Assigned] -
CVE Modified by [email protected]
Dec. 07, 2016
Action Type Old Value New Value Removed Reference http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml [No Types Assigned] -
CVE Translated by [email protected]
Nov. 09, 2016
Action Type Old Value New Value Removed Translation El protocolo DNS, del modo que se implementa en (1) BIND 8 y 9 anteriores a 9.5.0-P1, 9.4.2-P1 y 9.3.5-P1; (2) Microsoft DNS en Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP1 y SP2; y otras implementaciones permiten a atacantes remotos suplantar tráfico DNS mediante ciertas técnicas de envenenamiento de caché contra solucionadores recursivos, relacionados con una aleatoriedad insuficiente de IDs de transacción DNS y puertos fuente, también conocido como "DNS Insufficient Socket Entropy Vulnerability (Vulnerabilidad de Entropía de Socket DNS Insuficiente)". Added Translation El protocolo DNS, como es implementado en (1) BIND 8 y 9 en versiones anteriores a 9.5.0-P1, 9.4.2-P1 y 9.3.5-P1; (2) Microsoft DNS en Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP1 y SP2; y otras implementaciones permiten a atacantes remotos suplantar el tráfico DNS a través de un ataque de un cumpleaños que usa referencias in-bailiwick para llevar a cabo un envenenamiento del caché contra resolutores recursivos, relacionado con la insifuciente aleatoriedad de la ID de la transacción DNS y los puertos de origen, vulnerabilidad también conocida como "DNS Insufficient Socket Entropy Vulnerability" o "the Kaminsky bug". -
Modified Analysis by [email protected]
Nov. 08, 2016
Action Type Old Value New Value Changed CPE Configuration Configuration 1 AND OR cpe:2.3:o:canonical:ubuntu:6.06:*:lts:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:8.04:*:lts:*:*:*:*:* cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:3:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:3:*:desktop:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:3:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:3:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4:*:desktop:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* OR *cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:* Configuration 1 AND OR cpe:2.3:o:canonical:ubuntu:6.06:*:lts:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:8.04:*:lts:*:*:*:*:* cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* OR *cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:* Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html No Types Assigned http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html Third Party Advisory Changed Reference Type http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html No Types Assigned http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html Broken Link Changed Reference Type http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368 No Types Assigned http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368 Broken Link Changed Reference Type ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc No Types Assigned ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc Vendor Advisory Changed Reference Type http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 No Types Assigned http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html Third Party Advisory Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html No Types Assigned http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html Third Party Advisory Changed Reference Type http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html No Types Assigned http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html Technical Description Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html No Types Assigned http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html Third Party Advisory Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html No Types Assigned http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html Third Party Advisory Changed Reference Type http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 No Types Assigned http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 Broken Link -
Initial Analysis by [email protected]
Nov. 08, 2016
Action Type Old Value New Value Changed CPE Configuration Configuration 1 AND OR cpe:2.3:o:canonical:ubuntu:6.06:*:lts:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:8.04:*:lts:*:*:*:*:* cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:3:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:3:*:desktop:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:3:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:3:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4:*:desktop:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* OR *cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:* Configuration 1 AND OR cpe:2.3:o:canonical:ubuntu:6.06:*:lts:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:7.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu:8.04:*:lts:*:*:*:*:* cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_itanium:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:2003_server:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp:sp3:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:*:x64:*:*:*:*:* cpe:2.3:o:microsoft:windows:xp_professional:sp2_x64:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* OR *cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:* *cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:* Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html No Types Assigned http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html Third Party Advisory Changed Reference Type http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html No Types Assigned http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html Broken Link Changed Reference Type http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368 No Types Assigned http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368 Broken Link Changed Reference Type ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc No Types Assigned ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc Vendor Advisory Changed Reference Type http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 No Types Assigned http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 Third Party Advisory Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html Third Party Advisory Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html No Types Assigned http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html Third Party Advisory Changed Reference Type http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html No Types Assigned http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html Technical Description Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html No Types Assigned http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html Third Party Advisory Changed Reference Type http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html No Types Assigned http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html Third Party Advisory Changed Reference Type http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 No Types Assigned http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 Broken Link -
Modified Analysis by [email protected]
May. 27, 2015
Action Type Old Value New Value Changed CVSS V2 (AV:N/AC:L/Au:N/C:N/I:P/A:P) (AV:N/AC:L/Au:N/C:N/I:P/A:N) Added CWE CWE-310 -
CVE Modified by [email protected]
Mar. 17, 2015
Action Type Old Value New Value Added Reference http://marc.info/?l=bugtraq&m=141879471518471&w=2 -
Initial Analysis by [email protected]
Jul. 09, 2008
Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity
being observed over the next 30 days. Following chart shows the EPSS
score history of the vulnerability.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2008-1447 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2008-1447
weaknesses.
Exploit Prediction
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
13.95 }} 2.19%
score
0.95806
percentile
CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability