admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-29xx/CVE-2007-2926.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

306 lines
9.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-2926",
"sourceIdentifier": "cret@cert.org",
"published": "2007-07-24T17:30:00.000",
"lastModified": "2018-10-30T16:27:02.233",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning."
},
{
"lang": "es",
"value": "ISC BIND 9 hasta 9.5.0a5 utiliza un n\u00famero aleatorio debil a lo largo de la generaci\u00f3n de la consulta DNS ids cuando se responde la pregunta a resolver o enviando mensajes NOTIFY a servidores de nombre esclavos, lo cual hace m\u00e1s f\u00e1cil para atacantes remotos para adivinar la siguiente consulta id y llevar a cabo envenenamientos de la cache DNS."
}
],
"vendorComments": [
{
"organization": "Red Hat",
"comment": "Updates are available for Red Hat Enterprise Linux 2.1, 3, 4, and 5 to correct this issue:\nhttp://rhn.redhat.com/errata/RHSA-2007-0740.html",
"lastModified": "2008-03-28T00:00:00"
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C52373DC-3E05-424B-9C78-4092A75C75A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1861756C-CC81-4EAB-8427-57A3C62BFF96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F947835-8E96-4793-B81E-EEC103BF0CB3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA93166-513D-40AA-9855-FC89060BA03C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8B18D7-4D15-46A7-8013-E6267127A427"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9A944178-032B-4637-842D-BC6B227043A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:9.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32CEF8AD-9EE7-4ADA-888E-883751962529"
}
]
}
]
}
],
"references": [
{
"url": "ftp://aix.software.ibm.com/aix/efixes/security/README",
"source": "cret@cert.org"
},
{
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc",
"source": "cret@cert.org"
},
{
"url": "http://docs.info.apple.com/article.html?artnum=307041",
"source": "cret@cert.org"
},
{
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01123426",
"source": "cret@cert.org"
},
{
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01154600",
"source": "cret@cert.org"
},
{
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01174368",
"source": "cret@cert.org"
},
{
"url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html",
"source": "cret@cert.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2",
"source": "cret@cert.org"
},
{
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:07.bind.asc",
"source": "cret@cert.org"
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103018-1",
"source": "cret@cert.org"
},
{
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-389.htm",
"source": "cret@cert.org"
},
{
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=623903",
"source": "cret@cert.org"
},
{
"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02218&apar=only",
"source": "cret@cert.org"
},
{
"url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IZ02219&apar=only",
"source": "cret@cert.org"
},
{
"url": "http://www.debian.org/security/2007/dsa-1341",
"source": "cret@cert.org"
},
{
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-13.xml",
"source": "cret@cert.org"
},
{
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php",
"source": "cret@cert.org"
},
{
"url": "http://www.kb.cert.org/vuls/id/252735",
"source": "cret@cert.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:149",
"source": "cret@cert.org"
},
{
"url": "http://www.novell.com/linux/security/advisories/2007_47_bind.html",
"source": "cret@cert.org"
},
{
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.022.html",
"source": "cret@cert.org"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2007-0740.html",
"source": "cret@cert.org"
},
{
"url": "http://www.securiteam.com/securitynews/5VP0L0UM0A.html",
"source": "cret@cert.org"
},
{
"url": "http://www.securityfocus.com/archive/1/474516/100/0/threaded",
"source": "cret@cert.org"
},
{
"url": "http://www.securityfocus.com/archive/1/474545/100/0/threaded",
"source": "cret@cert.org"
},
{
"url": "http://www.securityfocus.com/archive/1/474808/100/0/threaded",
"source": "cret@cert.org"
},
{
"url": "http://www.securityfocus.com/archive/1/474856/100/0/threaded",
"source": "cret@cert.org"
},
{
"url": "http://www.securityfocus.com/bid/25037",
"source": "cret@cert.org"
},
{
"url": "http://www.securityfocus.com/bid/26444",
"source": "cret@cert.org"
},
{
"url": "http://www.securitytracker.com/id?1018442",
"source": "cret@cert.org"
},
{
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.521385",
"source": "cret@cert.org"
},
{
"url": "http://www.trusteer.com/docs/bind9dns.html",
"source": "cret@cert.org"
},
{
"url": "http://www.trusteer.com/docs/bind9dns_s.html",
"source": "cret@cert.org"
},
{
"url": "http://www.trustix.org/errata/2007/0023/",
"source": "cret@cert.org"
},
{
"url": "http://www.ubuntu.com/usn/usn-491-1",
"source": "cret@cert.org"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html",
"source": "cret@cert.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/2627",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/2662",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/2782",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/2914",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/2932",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/3242",
"source": "cret@cert.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/3868",
"source": "cret@cert.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35575",
"source": "cret@cert.org"
},
{
"url": "https://issues.rpath.com/browse/RPL-1587",
"source": "cret@cert.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10293",
"source": "cret@cert.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2226",
"source": "cret@cert.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink