CVE-2008-1447

{"id": "CVE-2008-1447", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.2}]}, "published": "2008-07-08T23:41:00.000", "references": [{"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc", "tags": ["Third Party Advisory", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html", "tags": ["Technical Description"], "source": "secure@microsoft.com"}, {"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520", "tags": ["Broken Link"], "source": "secure@microsoft.com"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368", "tags": ["Broken Link"], "source": "secure@microsoft.com"}, {"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html", "tags": ["Broken Link"], "source": "secure@microsoft.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/30925", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/30973", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/30977", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/30979", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/30980", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/30988", "tags": ["Third Party Advisory", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/30989", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/30998", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31011", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31012", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31014", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31019", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31022", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31030", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31031", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31033", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31052", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31065", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31072", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31093", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31094", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31137", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31143", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31151", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31152", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31153", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31169", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31197", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31199", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31204", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31207", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31209", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31212", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31213", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31221", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31236", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31237", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31254", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31326", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31354", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31422", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31430", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31451", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31482", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31495", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31588", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31687", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31823", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31882", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/31900", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/33178", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/33714", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/33786", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200807-08.xml", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://support.apple.com/kb/HT3026", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://support.apple.com/kb/HT3129", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://support.citrix.com/article/CTX117991", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://support.citrix.com/article/CTX118183", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.debian.org/security/2008/dsa-1603", "tags": ["Patch"], "source": "secure@microsoft.com"}, {"url": "http://www.debian.org/security/2008/dsa-1604", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.debian.org/security/2008/dsa-1605", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.debian.org/security/2008/dsa-1619", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.debian.org/security/2008/dsa-1623", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.doxpara.com/?p=1176", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.doxpara.com/DMK_BO2K8.ppt", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.kb.cert.org/vuls/id/800113", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.nominum.com/asset_upload_file741_2661.pdf", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.novell.com/support/viewContent.do?externalId=7000912", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.openbsd.org/errata42.html#013_bind", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.openbsd.org/errata43.html#004_bind", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.phys.uu.nl/~rombouts/pdnsd.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/bid/30131", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020437", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020438", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020440", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020448", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020449", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020548", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020558", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020560", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020561", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020575", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020576", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020577", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020578", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020579", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020651", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020653", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020702", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020802", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020804", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "http://www.ubuntu.com/usn/usn-622-1", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.ubuntu.com/usn/usn-627-1", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", "tags": ["Third Party Advisory", "US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2019/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2023/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2025/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2029/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2030/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2050/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2051/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2052/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2055/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2092/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2113/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2114/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2123/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2139/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2166/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2195/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2196/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2197/references", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2268", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2291", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2334", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2342", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2377", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2383", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2384", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2466", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2467", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2482", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2525", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2549", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2558", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2582", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2584", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2009/0297", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2009/0311", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0622", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117", "tags": ["Tool Signature"], "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725", "tags": ["Tool Signature"], "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761", "tags": ["Tool Signature"], "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917", "tags": ["Tool Signature"], "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627", "tags": ["Tool Signature"], "source": "secure@microsoft.com"}, {"url": "https://www.exploit-db.com/exploits/6122", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "https://www.exploit-db.com/exploits/6123", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "https://www.exploit-db.com/exploits/6130", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secure@microsoft.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html", "tags": ["Third Party Advisory"], "source": "secure@microsoft.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-331"}]}], "descriptions": [{"lang": "en", "value": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\""}, {"lang": "es", "value": "El protocolo DNS, como es implementado en (1) BIND 8 y 9 en versiones anteriores a 9.5.0-P1, 9.4.2-P1 y 9.3.5-P1; (2) Microsoft DNS en Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP1 y SP2; y otras implementaciones permiten a atacantes remotos suplantar el tr\u00e1fico DNS a trav\u00e9s de un ataque de un cumplea\u00f1os que usa referencias in-bailiwick para llevar a cabo un envenenamiento del cach\u00e9 contra resolutores recursivos, relacionado con la insifuciente aleatoriedad de la ID de la transacci\u00f3n DNS y los puertos de origen, vulnerabilidad tambi\u00e9n conocida como \"DNS Insufficient Socket Entropy Vulnerability\" o \"the Kaminsky bug\"."}], "lastModified": "2020-03-24T18:19:46.383", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "vulnerable": false, "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "vulnerable": false, "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"}, {"criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52"}, {"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"}, {"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "vulnerable": false, "matchCriteriaId": "E3C43D05-40F8-4769-BA6B-A376420EA972"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "vulnerable": false, "matchCriteriaId": "69117328-A5AD-48A5-A56A-0AA8805A113E"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "vulnerable": false, "matchCriteriaId": "3ECE18F6-9DDD-4354-9012-B0660E184E83"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "vulnerable": false, "matchCriteriaId": "4A2B4F1C-737D-40DA-B12E-6C664F9A7ECA"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "vulnerable": false, "matchCriteriaId": "DBBCB4B2-8007-4AD5-946E-396330E7DC31"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "vulnerable": false, "matchCriteriaId": "68758D17-44AF-4472-928C-3B94A7EAD671"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "vulnerable": false, "matchCriteriaId": "76EDD7D7-4567-4007-86A3-95E907616C6A"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "vulnerable": false, "matchCriteriaId": "7A933555-D875-47B9-BFA7-E030B04C1197"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "vulnerable": false, "matchCriteriaId": "4BAA5F63-9A88-4B38-B284-B6E6170F12A8"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "vulnerable": false, "matchCriteriaId": "9F168D81-2D2B-4B75-B907-A8AE2A3523C5"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "vulnerable": false, "matchCriteriaId": "1778D813-845D-4B79-B9AF-5D4E0B461C75"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "vulnerable": false, "matchCriteriaId": "A2E917A1-AFE1-4AA3-AB80-A69F152BAB51"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "vulnerable": false, "matchCriteriaId": "C8203007-1723-431B-ADDE-C5FE76A88619"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "vulnerable": false, "matchCriteriaId": "423102CB-1FA1-46BB-8345-412F35DB25B7"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "vulnerable": false, "matchCriteriaId": "98E956AB-6A8E-4C5D-89D5-52BC374B1D7C"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "vulnerable": false, "matchCriteriaId": "676A5A3B-EFE5-4B84-8F8E-CF952003F48F"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "vulnerable": false, "matchCriteriaId": "4902A7BD-0645-4CAC-8EA8-24BD2D8B893A"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D6B5646C-FF04-4D3D-B39E-27C1056962EA"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7361D8F0-FE84-41D0-9C62-F180339DD40A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5454336D-724E-4027-A642-1EFCB79C1ADC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E3C0D00-DF20-4B46-8A7D-99D963BD921E"}, {"criteria": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7904F3D9-A6B0-4ED6-8BAD-2D26C118C0F2"}, {"criteria": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90E4653A-C63A-4568-BFF2-ECAB7AB5A55C"}], "operator": "OR"}], "operator": "AND"}], "vendorComments": [{"comment": "http://rhn.redhat.com/errata/RHSA-2008-0533.html", "lastModified": "2008-07-09T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secure@microsoft.com"}