Thread-topic: [SA26629] BIND 8 Predictable DNS Query IDs Vulnerability
Pay attention to the phrase - "BIND 8.x has reached "End of Life". The vendor
advises all users to upgrade to BIND 9.4.1-P1."
> BIND 8 Predictable DNS Query IDs Vulnerability
> SECUNIA ADVISORY ID:
> VERIFY ADVISORY:
> Moderately critical
> From remote
> ISC BIND 8.x.x
> Amit Klein has reported a vulnerability in BIND, which can be
> exploited by malicious people to poison the DNS cache.
> The vulnerability is caused due to predictable query IDs in outgoing
> queries (e.g. if BIND works as resolver or when sending NOTIFYs to
> slaves) and can be exploited to poison the DNS cache when the query
> ID is guessed.
> Reportedly, the probability to guess the next query ID is between 25%
> and 43%, depending on the handled DNS traffic.
> The vulnerability is reported in BIND 8.x versions prior to 8.4.7-P1.
> Update to BIND 8.4.7-P1.
> NOTE: BIND 8.x has reached "End of Life". The vendor advises all
> users to upgrade to BIND 9.4.1-P1.
> PROVIDED AND/OR DISCOVERED BY:
> Amit Klein
> ORIGINAL ADVISORY:
> OTHER REFERENCES:
> US-CERT VU#927905:
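
A resolver-side check for the query-ID guessing the advisory describes, as an added example that is not part of the advisory or of BIND: it counts responses whose query ID matches no outstanding query for the same name and server. The event format, the function name and the threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events (not from a real capture).
# (kind, time, query_id, qname, peer): "Q" = query sent, "R" = response received
EVENTS = [
    ("Q", 0.00, 0x1A2B, "www.example.com", "192.0.2.53"),
    ("R", 0.01, 0x1A2B, "www.example.com", "192.0.2.53"),    # normal answer
    ("Q", 1.00, 0x3C4D, "mail.example.com", "192.0.2.53"),
    ("R", 1.01, 0x0001, "mail.example.com", "192.0.2.53"),   # wrong ID
    ("R", 1.01, 0x7F10, "mail.example.com", "192.0.2.53"),   # wrong ID
    ("R", 1.02, 0x9E22, "mail.example.com", "192.0.2.53"),   # wrong ID
    ("R", 1.05, 0x3C4D, "mail.example.com", "192.0.2.53"),   # real answer
    ("Q", 2.00, 0x5555, "ftp.example.com", "198.51.100.7"),
    ("R", 2.02, 0x5554, "ftp.example.com", "198.51.100.7"),  # single stray
    ("R", 2.03, 0x5555, "ftp.example.com", "198.51.100.7"),
]


def find_id_guessing(events, threshold=3):
    """Return {(qname, peer): [wrong ids]} for questions that drew at least
    `threshold` responses with a non-matching query ID while outstanding."""
    outstanding = defaultdict(set)   # (qname, peer) -> IDs awaiting an answer
    wrong = defaultdict(list)        # (qname, peer) -> mismatched IDs seen
    for kind, _t, qid, qname, peer in sorted(events, key=lambda e: e[1]):
        key = (qname.lower().rstrip("."), peer)
        if kind == "Q":
            outstanding[key].add(qid)
        elif kind == "R":
            if qid in outstanding[key]:
                outstanding[key].discard(qid)   # legitimate match closes it
            elif outstanding[key]:
                wrong[key].append(qid)          # forged or corrupted reply
            # replies with nothing outstanding are unsolicited; ignored here
    return {k: v for k, v in wrong.items() if len(v) >= threshold}


if __name__ == "__main__":
    for (qname, peer), ids in find_id_guessing(EVENTS).items():
        print(f"{qname} via {peer}: {len(ids)} wrong-ID replies",
              [hex(i) for i in ids])
```

A single stray mismatch stays below the default threshold, so only the burst against the outstanding `mail.example.com` query is reported.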